Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES SCA (Software Composition Analysis)

CVE-2020-8137 Vulnerability in maven package org.webjars.npm:uppy

Description

Code injection vulnerability in blamer 1.0.0 and earlier may result in remote code execution when the input can be controlled by an attacker.

Remediation

References

https://hackerone.com/reports/772448

Related Vulnerabilities

CVE-2023-22457 Vulnerability in maven package org.xwiki.contrib:application-ckeditor-ui

CVE-2023-29204 Vulnerability in maven package org.xwiki.platform:xwiki-platform-oldcore

CVE-2023-3635 Vulnerability in maven package com.squareup.okio:okio

CVE-2023-5245 Vulnerability in maven package ml.combust.bundle:bundle-ml_2.12

CVE-2022-25858 Vulnerability in npm package terser

Severity

Critical

Classification

CWE-94 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Exploit Patch Third Party Advisory