Command Injection
CVE-2020-28451

9.8CRITICAL

Key Information:

Vendor: Image-tiler Project
Status: Image-tiler
Vendor: CVE Published:; 2 August 2022

🔔 Create Image-tiler Project Vulnerability Alert

What is CVE-2020-28451?

This affects the package image-tiler before 2.0.2.

Affected Version(s)

image-tiler < 2.0.2

References

https://security.snyk.io/vuln/SNYK-JS-IMAGETILER-1051029

x_refsource_MISC

https://github.com/MrP/image-tiler/commit/f4a0b13a4bf4365...

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 2, 2022
Vulnerability Reserved
Nov 12, 2020

Credit

JHU System Security Lab

.