{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T15:01:06.412","vulnerabilities":[{"cve":{"id":"CVE-2020-4066","sourceIdentifier":"security-advisories@github.com","published":"2020-06-22T16:15:11.760","lastModified":"2024-11-21T05:32:14.667","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In Limdu before 0.95, the trainBatch function has a command injection vulnerability. Clients of the Limdu library are unlikely to be aware of this, so they might unwittingly write code that contains a vulnerability. This has been patched in 0.95."},{"lang":"es","value":"En Limdu versiones anteriores a 0.95, la función trainBatch tiene una vulnerabilidad de inyección de comandos. Es poco probable que los clientes de la biblioteca de Limdu se den cuenta de esto, por lo que pueden escribir involuntariamente código que contiene una vulnerabilidad. Esto ha sido parcheado en la versión 0.95"}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N","baseScore":3.8,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:limdu_project:limdu:*:*:*:*:*:*:*:*","versionEndExcluding":"0.9.5","matchCriteriaId":"8A0367BD-AC75-4615-91CF-9809938A1CB9"}]}]}],"references":[{"url":"https://github.com/erelsgl/limdu/security/advisories/GHSA-77qv-gh6f-pgh4","source":"security-advisories@github.com","tags":["Vendor Advisory"]},{"url":"https://github.com/erelsgl/limdu/security/advisories/GHSA-77qv-gh6f-pgh4","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}