Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-7738 | 1 Shiba Project | 1 Shiba | 2024-11-21 | 6.5 MEDIUM | 8.3 HIGH |
|
All versions of package shiba are vulnerable to Arbitrary Code Execution due to the default usage of the function load() of the package js-yaml instead of its secure replacement , safeLoad().
|
|||||
| CVE-2017-1000491 | 1 Shiba Project | 1 Shiba | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Shiba markdown live preview app version 1.1.0 is vulnerable to XSS which leads to code execution due to enabled node integration.
|
|||||