Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Geojson2kml
(Geojson2kml_project)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 1 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-02-23 | CVE-2020-28429 | All versions of package geojson2kml are vulnerable to Command Injection via the index.js file. PoC: var a =require("geojson2kml"); a("./","& touch JHU",function(){}) | Geojson2kml | 9.8 |