{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-07-02T09:32:26.375","vulnerabilities":[{"cve":{"id":"CVE-2019-10778","sourceIdentifier":"report@snyk.io","published":"2020-01-08T16:15:10.797","lastModified":"2026-06-17T02:11:39.313","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"devcert-sanscache before 0.4.7 allows remote attackers to execute arbitrary code or cause a Command Injection via the exec function. The variable `commonName` controlled by user input is used as part of the `exec` function without any sanitization."},{"lang":"es","value":"devcert-sanscache versiones anteriores a la versión  0.4.7, permite a atacantes remotos ejecutar código arbitrario o causar una Inyección de Comando por medio de la función exec. La variable \"commonName\" controlada por la entrada del usuario es usada como parte de la función \"exec\" sin ningún tipo de saneamiento."}],"affected":[{"source":"report@snyk.io","affectedData":[{"vendor":"n/a","product":"devcert-sanscache","versions":[{"version":"All versions prior to version 0.4.7","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:devcert-sanscache_project:devcert-sanscache:*:*:*:*:*:*:*:*","versionEndExcluding":"0.4.7","matchCriteriaId":"C8F77C3D-6D01-41C0-B850-F5B55906A239"}]}]}],"references":[{"url":"https://snyk.io/vuln/SNYK-JS-DEVCERTSANSCACHE-540926","source":"report@snyk.io","tags":["Patch","Third Party Advisory"]},{"url":"https://snyk.io/vuln/SNYK-JS-DEVCERTSANSCACHE-540926","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]}]}}]}