EPSS
Percentile
53.7%
cycle-import-check is vulnerable to command injection. The vulnerability exists due to the writeFileToTmpDirAndOpenIt function in file.ts improperly sanitizating user-input which allows an attacker to inject and execute arbitrary commands.
writeFileToTmpDirAndOpenIt
file.ts
github.com/advisories/GHSA-995x-33wq-8gc9
github.com/Soontao/cycle-import-check/commit/1ca97b59df7e9c704471fcb4cf042ce76d7c9890