Описание
nemo-appium vulnerable to OS Command Injection
Versions of the package nemo-appium before 0.0.9 are vulnerable to Command Injection due to improper input sanitization in the 'module.exports.setup' function.
Note: In order to exploit this vulnerability appium-running 0.1.3 has to be installed as one of nemo-appium dependencies.
Пакеты
Наименование
nemo-appium
npm
Затронутые версииВерсия исправления
< 0.0.9
0.0.9
Связанные уязвимости
CVSS3: 7.4
nvd
около 3 лет назад
Versions of the package nemo-appium before 0.0.9 are vulnerable to Command Injection due to improper input sanitization in the 'module.exports.setup' function. **Note:** In order to exploit this vulnerability appium-running 0.1.3 has to be installed as one of nemo-appium dependencies.