Devcert Project Devcert — known CVE vulnerabilities
Every CVE whose affected-product data names Devcert Project Devcert, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2020-8186 — CVSS 9.8 (critical): A command injection vulnerability in the `devcert` module may lead to remote code execution when users of the module pass untrusted input…
CVE-2022-1929 — CVSS 5.9 (medium): An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the devcert npm package, when an attacker is able to supply…