morgan — CVE history (npm)

morgan

1 CVEs affect the morgan npm package (highest CVSS 9.8). Latest disclosed: 2019-03-21. Full CVE history sourced from NVD.

Summary

Package
morgan (npm)
Total CVEs
1
Actively exploited (CISA KEV)
0
Highest CVSS
9.8
Latest disclosed
2019-03-21

Recent CVEs (top 1)

CVESeverityCVSSKEVPublishedSummary
CVE-2019-5413Critical9.82019-03-21An attacker can use the format parameter to inject arbitrary commands in the npm package morgan < 1.9.1.

All-time worst (top 1 by CVSS)

CVESeverityCVSSKEVPublishedSummary
CVE-2019-5413Critical9.82019-03-21An attacker can use the format parameter to inject arbitrary commands in the npm package morgan < 1.9.1.