CVE-2020-28430

07 Nov 2023, 03:21

Type	Values Removed	Values Added
CWE	CWE-78
References	{'url': 'https://snyk.io/vuln/SNYK-JS-NUANCEGULPBUILDCOMMON-1050419', 'name': 'https://snyk.io/vuln/SNYK-JS-NUANCEGULPBUILDCOMMON-1050419', 'tags': ['Exploit', 'Third Party Advisory'], 'refsource': 'MISC'}
CVSS	v2 : 7.5 v3 : 9.8	v2 : unknown v3 : unknown
Summary	** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none

---

12 Aug 2021, 15:15

Type	Values Removed	Values Added
CWE	CWE-77	CWE-78
CPE	cpe:2.3:a:nuance-gulp-build-common_project:nuance-gulp-build-common:-:*:*:*:*:*:*:*
Summary	All versions of package nuance-gulp-build-common are vulnerable to Command Injection via the index.js file. PoC: /var a = require("nuance-gulp-build-common") a.run("touch JHU")	** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

---

27 Feb 2021, 02:20

Type	Values Removed	Values Added
CPE		cpe:2.3:a:nuance-gulp-build-common_project:nuance-gulp-build-common:-:*:*:*:*:*:*:*
References	(MISC) https://snyk.io/vuln/SNYK-JS-NUANCEGULPBUILDCOMMON-1050419 -	(MISC) https://snyk.io/vuln/SNYK-JS-NUANCEGULPBUILDCOMMON-1050419 - Exploit, Third Party Advisory
CVSS	v2 : unknown v3 : unknown	v2 : 7.5 v3 : 9.8
CWE		CWE-77

---

23 Feb 2021, 16:22

Type	Values Removed	Values Added
New CVE

---