Vulnerabilities > Umbraengineering

DATE	CVE	VULNERABILITY TITLE	RISK
2018-09-07	CVE-2018-16460	OS Command Injection vulnerability in Umbraengineering PS 0.0.1/0.0.2 A command Injection in ps package versions <1.0.0 for Node.js allowed arbitrary commands to be executed when attacker controls the PID. network low complexity umbraengineering CWE-78 critical	9.8
2018-07-03	CVE-2018-3751	Improper Input Validation vulnerability in Umbraengineering Merge-Recursive The utilities function in all versions <= 0.3.0 of the merge-recursive node module can be tricked into modifying the prototype of Object when the attacker can control part of the structure passed to this function. network low complexity umbraengineering CWE-20 critical	9.8

Vulnerabilities > Umbraengineering {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Umbraengineering"}]}