Описание
OS Command Injection in fsa
fsa through 0.5.1 is vulnerable to Command Injection. The first argument of 'execGitCommand()', located within 'lib/rep.js#63' can be controlled by users without any sanitization to inject arbitrary commands.
Пакеты
Наименование
fsa
npm
Затронутые версииВерсия исправления
<= 0.5.1
Отсутствует
Связанные уязвимости
CVSS3: 7.8
nvd
почти 6 лет назад
fsa through 0.5.1 is vulnerable to Command Injection. The first argument of 'execGitCommand()', located within 'lib/rep.js#63' can be controlled by users without any sanitization to inject arbitrary commands.