Headline

CVE-2020-7795: get-npm-package-version

The package get-npm-package-version before 1.0.7 are vulnerable to Command Injection via main function in index.js.

2 years ago

CVE

Open in Source

#nodejs #js #git

skip to package search or skip to sign in

❤Notable Pseudocode Mashups

Products
- Pro
- Teams
Pricing
Documentation

Sign UpSign In

**get-npm-package-version

1.0.6 • Public • Published 5 years ago

Readme
Explore BETA
0 Dependencies
16 Dependents
9 Versions

description

get npm package version

API

npm i get-npm-package-version


const version = require('get-npm-package-version')(packageName[, { registry, timeout }]);

packageName

packageName
registry

npm registry when getting version
timeout

timeout when getting version

return

return null when timeout or error happens
return version when getting version successfully

Keywords

npm
package
version

Install

npm i [email protected]

Repository

Gitgithub.com/hoperyy/get-npm-package-version

Homepage

github.com/hoperyy/get-npm-package-version

Version

1.0.6

License

ISC

Last publish

a year ago

Collaborators

Try on RunKit

Report malware

The package get-npm-package-version before 1.0.7 is vulnerable to Command Injection via the `main` function in index.js.

2 years ago

ghsa

Open in Source

#vulnerability #nodejs #js #git

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

11 months ago

11 months ago

11 months ago

11 months ago

11 months ago

Headline

CVE-2020-7795: get-npm-package-version

Related news

CVE: Latest News