5 matches found
Acrontum Filesystem-Template Package Command Injection (CVE-2022-21186)
A command injection vulnerability exists in Acrontum Filesystem-Template package. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
CVE-2022-21186
The package @acrontum/filesystem-template before 0.0.2 are vulnerable to Arbitrary Command Injection due to the fetchRepo API missing sanitization of the href field of external input...
CVE-2022-21186 Arbitrary Command Injection
The package @acrontum/filesystem-template before 0.0.2 are vulnerable to Arbitrary Command Injection due to the fetchRepo API missing sanitization of the href field of external input...
CVE-2022-21186 Arbitrary Command Injection
The package @acrontum/filesystem-template before 0.0.2 are vulnerable to Arbitrary Command Injection due to the fetchRepo API missing sanitization of the href field of external input...
CVE-2022-21186
The CVE-2022-21186 issue affects @acrontum/filesystem-template versions prior to 0.0.2. The root cause is lack of sanitization of the href field in the fetchRepo API on external input, enabling Arbitrary Command Injection. Reported impact is high severity: potential remote code execution with net...