CVE-2020-7778: OS Command Injection

November 26, 2020 (updated December 1, 2020)

This affects the package systeminformation The attacker can overwrite the properties and functions of an object, which can lead to executing OS commands.

References

nvd.nist.gov/vuln/detail/CVE-2020-7778

Code Behaviors & Features

Detect and mitigate CVE-2020-7778 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →