Lucene search
Veracode Vulnerability DatabaseVERACODE:34502HistoryMar 04, 2022 - 5:14 a.m.
OS Command Injection
2022-03-0405:14:17
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
0.003 Low
EPSS
Percentile
69.8%
npm-lockfile is vulnerable to OS command injection. An attacker is able to inject malicious OS command to invoke sensitive command execution API.
| CPE | Name | Operator | Version |
|---|---|---|---|
| npm-lockfile | le | 2.0.4 | |
| npm-lockfile | le | 1.0.3 | |
| npm-lockfile | le | 3.0.2 | |
| npm-lockfile | le | 2.0.4 | |
| npm-lockfile | le | 1.0.3 | |
| npm-lockfile | le | 3.0.2 |
Related
prion
prion
Command injection
2022-03-03 16:15:00
cve
cve
CVE-2022-0841
2022-03-03 16:15:07
redhatcve
redhatcve
CVE-2022-0841
2022-03-04 00:19:23
osv
osv
OS Command injection in npm-lockfile
2022-03-04 00:00:18
CVE-2022-0841
2022-03-03 16:15:07
huntr
huntr
OS Command Injection
2022-02-28 19:32:22
cvelist
cvelist
CVE-2022-0841 OS Command Injection in ljharb/npm-lockfile
2022-03-03 15:50:10
nvd
nvd
CVE-2022-0841
2022-03-03 16:15:07
github
github
OS Command injection in npm-lockfile
2022-03-04 00:00:18