Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Aws_shared_configuration_file_loader
(Amazon)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 1 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-01-19 | CVE-2020-28472 | This affects the package @aws-sdk/shared-ini-file-loader before 1.0.0-rc.9; the package aws-sdk before 2.814.0. If an attacker submits a malicious INI file to an application that parses it with loadSharedConfigFiles , they will pollute the prototype on the application. This can be exploited further depending on the context. | Aws_sdk_for_javascipt, Aws_shared_configuration_file_loader | 9.8 |