Lucene search
Veracode Vulnerability DatabaseVERACODE:35073HistoryApr 13, 2022 - 8:00 a.m.
Command Injection
2022-04-1308:00:06
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
0.002 Low
EPSS
Percentile
58.5%
npm-dependency-versions is vulnerable to command injection. The vulnerability exists due to a lack of sanitization of input via the API endpoint via the dependencyVersions() function.
| CPE | Name | Operator | Version |
|---|---|---|---|
| npm-dependency-versions | le | 0.3.0 | |
| npm-dependency-versions | le | 0.3.0 |
Related
nvd
nvd
CVE-2022-29080
2022-04-12 05:15:07
github
github
Command injection in npm-dependency-versions
2022-04-13 00:00:33
osv
osv
Command injection in npm-dependency-versions
2022-04-13 00:00:33
cve
cve
CVE-2022-29080
2022-04-12 05:15:07
cnvd
cnvd
npm-dependency-versions command injection vulnerability
2022-04-15 00:00:00
prion
prion
Command injection
2022-04-12 05:15:00
cvelist
cvelist
CVE-2022-29080
2022-04-12 04:45:34