morgan — CVE history (npm)
morgan
1 CVEs affect the morgan npm package (highest CVSS 9.8). Latest disclosed: 2019-03-21. Full CVE history sourced from NVD.
Summary
- Package
morgan(npm)- Total CVEs
1- Actively exploited (CISA KEV)
- 0
- Highest CVSS
9.8- Latest disclosed
- 2019-03-21
Recent CVEs (top 1)
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2019-5413 | Critical | 9.8 | — | 2019-03-21 | An attacker can use the format parameter to inject arbitrary commands in the npm package morgan < 1.9.1. |
All-time worst (top 1 by CVSS)
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2019-5413 | Critical | 9.8 | — | 2019-03-21 | An attacker can use the format parameter to inject arbitrary commands in the npm package morgan < 1.9.1. |