github.com/khulnasoft-lab/tunnel-db@v0.0.0-20231117205118-74e1113bd007/pkg/vulnsrc/node/testdata/happy/node_cvssnumberonly/nodejs-security-wg/vuln/npm_cvssnumberonly.json

github.com/khulnasoft-lab/tunnel-db@v0.0.0-20231117205118-74e1113bd007/pkg/vulnsrc/node/testdata/happy/node_cvssnumberonly/nodejs-security-wg/vuln/npm_cvssnumberonly.json (about)

     1  {
     2    "id": 1,
     3    "created_at": "2015-10-17",
     4    "updated_at": "2016-04-28",
     5    "title": "Arbitrary JavaScript Execution",
     6    "author": {
     7      "name": "Jarda Kotěšovec",
     8      "website": null,
     9      "username": null
    10    },
    11    "module_name": "bassmaster",
    12    "publish_date": "2014-09-27",
    13    "cves": [
    14      "CVE-2014-7205"
    15    ],
    16    "vulnerable_versions": "<=1.5.1",
    17    "patched_versions": ">=1.5.2",
    18    "overview": "A vulnerability exists in bassmaster <= 1.5.1 that allows for an attacker to provide arbitrary JavaScript that is then executed server side via eval.",
    19    "recommendation": "Update to bassmaster version 1.5.2 or greater.",
    20    "references": [
    21      "https://www.npmjs.org/package/bassmaster",
    22      "https://github.com/hapijs/bassmaster/commit/b751602d8cb7194ee62a61e085069679525138c4"
    23    ],
    24    "cvss_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
    25    "cvss_score": 6.5,
    26    "coordinating_vendor": "^Lift Security"
    27  }