{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-27T15:01:49.921","vulnerabilities":[{"cve":{"id":"CVE-2020-7607","sourceIdentifier":"report@snyk.io","published":"2020-03-15T22:15:14.957","lastModified":"2026-06-17T03:25:06.700","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"gulp-styledocco through 0.0.3 allows execution of arbitrary commands. The argument 'options' of the exports function in 'index.js' can be controlled by users without any sanitization."},{"lang":"es","value":"gulp-styledocco versiones hasta 0.0.3, permite una ejecución de comandos arbitraria. El argumento \"options\" de la función de exportación en el archivo \"index.js\", puede ser controlado por los usuarios sin ningún saneamiento."}],"affected":[{"source":"report@snyk.io","affectedData":[{"vendor":"n/a","product":"gulp-styledocco","versions":[{"version":"All versions including 0.0.3","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gulp-styledocco_project:gulp-styledocco:*:*:*:*:*:node.js:*:*","versionEndIncluding":"0.0.3","matchCriteriaId":"BF8C9927-373F-4FE3-A89F-D38A3CCC0A5C"}]}]}],"references":[{"url":"https://snyk.io/vuln/SNYK-JS-GULPSTYLEDOCCO-560126","source":"report@snyk.io","tags":["Exploit","Third Party Advisory"]},{"url":"https://snyk.io/vuln/SNYK-JS-GULPSTYLEDOCCO-560126","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}