Lucene search
PRIOn knowledge basePRION:CVE-2022-29080HistoryApr 12, 2022 - 5:15 a.m.
Command injection
2022-04-1205:15:00
PRIOn knowledge base
www.prio-n.com
2
The npm-dependency-versions package through 0.3.0 for Node.js allows command injection if an attacker is able to call dependencyVersions with a JSON object in which pkgs is a key, and there are shell metacharacters in a value.
| CPE | Name | Operator | Version |
|---|---|---|---|
| npm-dependency-versions | le | 0.3.0 |
Related
nvd
nvd
CVE-2022-29080
2022-04-12 05:15:07
github
github
Command injection in npm-dependency-versions
2022-04-13 00:00:33
veracode
veracode
Command Injection
2022-04-13 08:00:06
osv
osv
Command injection in npm-dependency-versions
2022-04-13 00:00:33
cve
cve
CVE-2022-29080
2022-04-12 05:15:07
cnvd
cnvd
npm-dependency-versions command injection vulnerability
2022-04-15 00:00:00
cvelist
cvelist
CVE-2022-29080
2022-04-12 04:45:34