Published: 22/06/2020 Updated: 30/06/2020

CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8

CVSS v3 Base Score: 7.2 | Impact Score: 5.9 | Exploitability Score: 1.2

VMScore: 802

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

In Limdu prior to 0.95, the trainBatch function has a command injection vulnerability. Clients of the Limdu library are unlikely to be aware of this, so they might unwittingly write code that contains a vulnerability. This has been patched in 0.95.

Vulnerable Product	Search on Vulmon	Subscribe to Product
limdu project limdu

Welcome to the OpenSSF CVE Benchmark project! The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebases using a variety of static analysis security testing (SAST) tools and generate reports to evaluate those tools The benchmark addresses two problems that security teams face today when assessing

The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebases using a variety of static analysis security testing (SAST) tools and generate reports to evaluate those tools.

Welcome to the OpenSSF CVE Benchmark project! The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebases using a variety of static analysis security testing (SAST) tools and generate reports to evaluate those tools The benchmark addresses two problems that security teams face today when assessing

CWE-78 https://github.com/erelsgl/limdu/security/advisories/GHSA-77qv-gh6f-pgh4 https://nvd.nist.gov https://github.com/javascript-benchmark/ossf-cve-benchmark https://github.com/ossf-cve-benchmark/ossf-cve-benchmark

CVE-2020-4066

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect