Vulnerabilities > Node Openssl Project > Node Openssl > 1.0.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-23 | CVE-2023-49210 | Command Injection vulnerability in Node-Openssl Project Node-Openssl 1.0.2 The openssl (aka node-openssl) NPM package through 2.0.0 was characterized as "a nonsense wrapper with no real purpose" by its author, and accepts an opts argument that contains a verb field (used for command execution). | 9.8 |