GHSA-6367-p3v8-7mgw

Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/07/GHSA-6367-p3v8-7mgw/GHSA-6367-p3v8-7mgw.json

Aliases

• CVE-2020-28436

Published

2022-07-26T00:01:06Z

Modified

2022-08-06T05:20:37Z

Details

A command injection vulnerability affects all versions of the deprecated package google-cloudstorage-commands.

References

• https://nvd.nist.gov/vuln/detail/CVE-2020-28436
• https://github.com/samradical/google-cloudstorage-commands
• https://github.com/samradical/google-cloudstorage-commands/blob/master/index.js%23L11
• https://security.snyk.io/vuln/SNYK-JS-GOOGLECLOUDSTORAGECOMMANDS-1050431