CVE-2020-36650

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-36650

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-36650.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-36650

Aliases

GHSA-w5mw-f2hq-5fw8

Published

2023-01-11T18:15:09Z

Modified

2025-07-29T09:27:26.176125Z

Severity

8.0 (High) CVSS_V3 - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A vulnerability, which was classified as critical, was found in IonicaBizau node-gry up to 5.x. This affects an unknown part. The manipulation leads to command injection. Upgrading to version 6.0.0 is able to address this issue. The patch is named 5108446c1e23960d65e8b973f1d9486f9f9dbd6c. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-218019.

References

Affected packages

Git / github.com/ionicabizau/node-gry

Affected ranges

Type: GIT
Repo: https://github.com/ionicabizau/node-gry
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

5108446c1e23960d65e8b973f1d9486f9f9dbd6c

Fixed

c7319dde5327fdcfbfa0f959be8d7fe82ca11cb0

Affected versions

1.*

1.0.0

2.*

2.0.0

2.0.1

3.*

3.0.0

4.*

4.0.0

4.1.0

4.2.0

4.3.0

4.3.1

5.*

5.0.0

5.0.1

5.0.2

5.0.3

5.0.4

5.0.5

5.0.6

5.0.7

5.0.8