Vulnerabilities (CVE)

Filtered by vendor Shiba Project Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-7738 1 Shiba Project 1 Shiba 2024-02-04 6.5 MEDIUM 8.3 HIGH
All versions of package shiba are vulnerable to Arbitrary Code Execution due to the default usage of the function load() of the package js-yaml instead of its secure replacement , safeLoad().
CVE-2017-1000491 1 Shiba Project 1 Shiba 2024-02-04 4.3 MEDIUM 6.1 MEDIUM
Shiba markdown live preview app version 1.1.0 is vulnerable to XSS which leads to code execution due to enabled node integration.