//Github.Com/Vvo
Approved changes feed: RSS · Atom
cpe:2.3:a:https://github.com/vvo:whereis:*:*:*:*:*:*:*:*
part: a version: whereis update: *
| Vendor | Https (d7181f43-5065-54de-83f7-090f042665aa) |
|---|---|
| Product | //Github.Com/Vvo (59b0a7f2-6139-50b7-be4e-4f78d39a3c95) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2018-3772 |
vulnerable | 2026-06-03 14:38:50.425750 |
Details available
Concatenating unsanitized user input in the `whereis` npm module < 0.4.1 allowed an attacker to execute arbitrary commands. The `whereis` module is deprecated and it is recommended to use the `which` npm module instead.
Published: 2018-07-30T18:00:00.000Z
Updated: 2024-09-17T02:26:55.080Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.