CVE-2020-7673

Published: 2020-06-10T16:15Z

Last Modified: 2024-11-21T05:37Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

node-extend through 0.2.0 is vulnerable to Arbitrary Code Execution. User input provided to the argument `A` of `extend` function`(A,B,as,isAargs)` located within `lib/extend.js` is executed by the `eval` function, resulting in code execution. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt