EUVD-2022-0430

Malicious code in bioql PyPI...

GHSA-3269-X4PW-VFFG OS Command Injection in diskusage-ng

diskusage-ng through 0.2.4 is vulnerable to Command Injection.It allows execution of arbitrary commands via the path argument...

OS Command Injection in diskusage-ng

diskusage-ng through 0.2.4 is vulnerable to Command Injection.It allows execution of arbitrary commands via the path argument...

OS Command Injection

diskusage-ng is vulnerable to OS Command Injection. The vulnerability exists as the value of path is not sanitized, and is used in exec...

diskusage-ng Command Injection Vulnerability

diskusage-ng is a package that can obtain disk usage information. A command injection vulnerability exists in diskusage-ng version 0.2.4 and earlier. The vulnerability can be exploited to execute arbitrary commands using the path parameter...

CVE-2020-7631

diskusage-ng through 0.2.4 is vulnerable to Command Injection.It allows execution of arbitrary commands via the path argument...

Design/Logic Flaw

diskusage-ng through 0.2.4 is vulnerable to Command Injection.It allows execution of arbitrary commands via the path argument...

CVE-2020-7631

Diskusage-ng (npm package) vulnerability CVE-2020-7631: versions up to 0.2.4 are vulnerable to Command Injection via the path argument due to unsanitized input. Impact: arbitrary commands may be executed with the affected code path. Root cause: user-controlled path parameter not sanitized before ...

CVE-2020-7631

diskusage-ng through 0.2.4 is vulnerable to Command Injection.It allows execution of arbitrary commands via the path argument...

Command Injection

Overview diskusage-ng is a package that get disk usage info in pure JavaScript and without any dependencies. Affected versions of this package are vulnerable to Command Injection. The argument path can be controlled by users without any sanitization. PoC var root = require"diskusage-ng"; root...