7 matches found
EUVD-2022-6151
Malicious code in bioql PyPI...
CVE-2021-34078
lifion-verify-dependencies through 1.1.0 is vulnerable to OS command injection via a crafted dependency name on the scanned project's package.json file...
OS Command Injection in lifion-verify-deps
lifion-verify-dependencies through 1.1.0 is vulnerable to OS command injection via a crafted dependency name on the scanned project's package.json file...
GHSA-RPHM-C8GW-3R38 OS Command Injection in lifion-verify-deps
lifion-verify-dependencies through 1.1.0 is vulnerable to OS command injection via a crafted dependency name on the scanned project's package.json file...
CVE-2021-34078
lifion-verify-dependencies through 1.1.0 is vulnerable to OS command injection via a crafted dependency name on the scanned project's package.json file...
lifion-verify-dependencies 操作系统命令注入漏洞
lifion-verify-dependencies is lifion's way of checking that the installed NPM module is the latest version currently available. A security vulnerability exists in lifion-verify-dependencies version 1.1.0, which can be exploited by an attacker to execute remote code...
CVE-2021-34078
CVE-2021-34078 affects lifion-verify-dependencies up to version 1.1.0, enabling an OS command injection via a crafted dependency name in a project’s package.json. Multiple connected sources (Red Hat, Veracode, GitHub advisories, CVE/CVE lists) corroborate the vulnerability and its impact (high se...