{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-07-01T06:56:10.915","vulnerabilities":[{"cve":{"id":"CVE-2020-5282","sourceIdentifier":"security-advisories@github.com","published":"2020-03-25T19:15:15.980","lastModified":"2026-06-17T03:21:11.823","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In Nick Chan Bot before version 1.0.0-beta there is a vulnerability in the `npm` command which is part of this software package. This allows arbitrary shell execution,which can compromise the bot This is patched in version 1.0.0-beta"},{"lang":"es","value":"En Nick Chan Bot versiones anteriores a 1.0.0-beta, se presenta una vulnerabilidad en el comando \"npm\" el cual es parte de este paquete de software. Esto permite una ejecución de shell arbitraria, lo que puede comprometer al bot. Esto se parcheó en la versión 1.0.0-beta."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"Nick Chan","product":"nickchanbot","versions":[{"version":"< 1.0.0-beta","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":0.8,"impactScore":5.8},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nick_chan_bot_project:nick_chan_bot:1.0.0:beta_pre_11:*:*:*:*:*:*","matchCriteriaId":"11AC2378-8131-44F0-8347-5BEBEABC4A99"},{"vulnerable":true,"criteria":"cpe:2.3:a:nick_chan_bot_project:nick_chan_bot:1.0.0:beta_pre_7:*:*:*:*:*:*","matchCriteriaId":"91A429D2-B851-4611-866D-CD39841C4119"},{"vulnerable":true,"criteria":"cpe:2.3:a:nick_chan_bot_project:nick_chan_bot:1.0.0:beta_pre_8:*:*:*:*:*:*","matchCriteriaId":"5EC0F894-0755-49AD-ADB5-B410838E0E22"},{"vulnerable":true,"criteria":"cpe:2.3:a:nick_chan_bot_project:nick_chan_bot:1.0.0:beta_pre_9:*:*:*:*:*:*","matchCriteriaId":"1BB1D112-3880-410B-8E30-D66F9956FC13"}]}]}],"references":[{"url":"https://github.com/Assfugil/nickchanbot/commit/d7dc87523fc8bb6babbf8d636c339193b236a3ba","source":"security-advisories@github.com","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/Assfugil/nickchanbot/security/advisories/GHSA-8xwp-r7pj-cgw3","source":"security-advisories@github.com","tags":["Third Party Advisory"]},{"url":"https://github.com/Assfugil/nickchanbot/commit/d7dc87523fc8bb6babbf8d636c339193b236a3ba","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/Assfugil/nickchanbot/security/advisories/GHSA-8xwp-r7pj-cgw3","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}