Vulnerabilities (CVE)

Filtered by vendor Devcert Project Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-1929 1 Devcert Project 1 Devcert 2024-11-21 5.0 MEDIUM 5.9 MEDIUM
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the devcert npm package, when an attacker is able to supply arbitrary input to the certificateFor method
CVE-2020-8186 1 Devcert Project 1 Devcert 2024-11-21 7.5 HIGH 9.8 CRITICAL
A command injection vulnerability in the `devcert` module may lead to remote code execution when users of the module pass untrusted input to the `certificateFor` function.