vulnerability
Ubuntu: USN-6016-1 (CVE-2020-7677): thenify vulnerability
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
10 | (AV:N/AC:L/Au:N/C:C/I:C/A:C) | Jul 25, 2022 | Apr 17, 2023 | Jan 28, 2025 |
Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
Jul 25, 2022
Added
Apr 17, 2023
Modified
Jan 28, 2025
Description
This affects the package thenify before 3.3.1. The name argument provided to the package can be controlled by users without any sanitization, and this is provided to the eval function without any sanitization.
Solution
ubuntu-upgrade-node-thenify

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.