2 matches found
CVE-2022-24377
The vulnerability CVE-2022-24377 affects the JavaScript package cycle-import-check, specifically versions prior to 1.3.2. The root cause is improper sanitization in the writeFileToTmpDirAndOpenIt function, which enables Command Injection when untrusted input is processed. Impact is high, with the...
CVE-2022-24377 Command Injection
The package cycle-import-check before 1.3.2 are vulnerable to Command Injection via the writeFileToTmpDirAndOpenIt function due to improper user-input sanitization...