CVE-2022-26205

Vulnerable Component Details
Type Namespace Name Version Package URL
npm None marky 1.2.2 pkg:npm/marky@1.2.2?package-id=1791b16693f7e301
Vulnerability Details
ID CVE-2022-26205
Description Marky commit 3686565726c65756e was discovered to contain a remote code execution (RCE) vulnerability via the Display text fields. This vulnerability allows attackers to execute arbitrary code via injection of a crafted payload.
Ratings
Severity Score Method Vector Source
None None
9.8 CVSSv2 AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 CVSSv31 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Found By Anchore Grype
References / Advisories