Количество 2
Количество 2
CVE-2022-21186
больше 3 лет назад
The package @acrontum/filesystem-template before 0.0.2 are vulnerable to Arbitrary Command Injection due to the fetchRepo API missing sanitization of the href field of external input.
CVSS3: 9.8
EPSS: Низкий
GHSA-m2fc-9h5m-29cm
больше 3 лет назад
@acrontum/filesystem-template vulnerable to Command Injection due to fetchRepo API missing sanitization
CVSS3: 9.8
EPSS: Низкий
Уязвимостей на страницу
20
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-21186 The package @acrontum/filesystem-template before 0.0.2 are vulnerable to Arbitrary Command Injection due to the fetchRepo API missing sanitization of the href field of external input. | CVSS3: 9.8 | 7% Низкий | больше 3 лет назад |
| GHSA-m2fc-9h5m-29cm @acrontum/filesystem-template vulnerable to Command Injection due to fetchRepo API missing sanitization | CVSS3: 9.8 | 7% Низкий | больше 3 лет назад |
Уязвимостей на страницу
20