1 results (0.001 seconds)
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1
CVE-2022-25921 – Arbitrary Code Execution
https://notcve.org/view.php?id=CVE-2022-25921
All versions of package morgan-json are vulnerable to Arbitrary Code Execution due to missing sanitization of input passed to the Function constructor. Todas las versiones del paquete morgan-json son vulnerables a una Ejecución Arbitraria de Código debido a una falta de saneo de la entrada pasada al constructor de la función • https://github.com/indexzero/morgan-json/blob/3a76010215a4256d41687d082cd66c4f00ea5717/index.js%23L46 https://security.snyk.io/vuln/SNYK-JS-MORGANJSON-2976193 •