Filtered by vendor Post-loader Project
Subscribe
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-0748 | 1 Post-loader Project | 1 Post-loader | 2022-03-23 | 7.5 HIGH | 9.8 CRITICAL |
The package post-loader from 0.0.0 are vulnerable to Arbitrary Code Execution which uses a markdown parser in an unsafe way so that any javascript code inside the markdown input files gets evaluated and executed. |