Search for packages
| purl | pkg:npm/clamscan@1.0.0-beta.3 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-qtgd-uwy8-ffaw
Aliases: CVE-2020-7613 GHSA-5v25-xr56-phph |
Clamscan vulnerable to command injection clamscan through 1.2.0 is vulnerable to Command Injection. It is possible to inject arbitrary commands as part of the `_is_clamav_binary` function located within `Index.js`. It should be noted that this vulnerability requires a pre-requisite that a folder should be created with the same command that will be chained to execute. This lowers the risk of this issue. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T21:02:28.805582+00:00 | GitLab Importer | Affected by | VCID-qtgd-uwy8-ffaw | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/clamscan/CVE-2020-7613.yml | 38.4.0 |
| 2026-04-11T22:13:50.289029+00:00 | GitLab Importer | Affected by | VCID-qtgd-uwy8-ffaw | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/clamscan/CVE-2020-7613.yml | 38.3.0 |
| 2026-04-02T22:26:11.646522+00:00 | GitLab Importer | Affected by | VCID-qtgd-uwy8-ffaw | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/clamscan/CVE-2020-7613.yml | 38.1.0 |
| 2026-04-01T16:44:07.313066+00:00 | GitLab Importer | Affected by | VCID-qtgd-uwy8-ffaw | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/clamscan/CVE-2020-7613.yml | 38.0.0 |