Shiba Project : Security Vulnerabilities, CVEs,

CVE-2020-7738

All versions of package shiba are vulnerable to Arbitrary Code Execution due to the default usage of the function load() of the package js-yaml instead of its secure replacement , safeLoad().
Max CVSS
8.3
EPSS Score
0.11%
Published
2020-10-02
Updated
2020-10-06

CVE-2017-1000491

Shiba markdown live preview app version 1.1.0 is vulnerable to XSS which leads to code execution due to enabled node integration.
Max CVSS
6.1
EPSS Score
0.07%
Published
2018-01-03
Updated
2018-01-16
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close