Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:39508
HistoryMar 03, 2023 - 6:45 p.m.

Command Injection

2023-03-0318:45:36
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
command injection
vulnerability
user-input
sanitization
devinstall
arbitrary commands
software

0.002 Low

EPSS

Percentile

61.7%

JSON

create-choo-electron is vulnerable to Command Injection. The vulnerability exists due to improper user-input sanitization in the devinstall function, which allows an attacker to execute arbitrary commands.

Related

cve 1
cvelist 1
nvd 1
ibm 1
osv 1
prion 1
github 1
cve
cve
CVE-2022-25908
2023-01-26 21:15:31
cvelist
cvelist
CVE-2022-25908
2023-01-24 05:00:01
nvd
nvd
CVE-2022-25908
2023-01-26 21:15:31
ibm
ibm
Security Bulletin: There is a security vulnerability in Node.js create-choo-electron module used by IBM Maximo for Civil Infrastructure in Maximo Application Suite (CVE-2022-25908)
2023-03-29 09:32:09
osv
osv
Command Injection in create-choo-electron
2023-01-26 21:30:25
prion
prion
Command injection
2023-01-26 21:15:00
github
github
Command Injection in create-choo-electron
2023-01-26 21:30:25

0.002 Low

EPSS

Percentile

61.7%

JSON
Related for VERACODE:39508
cve1cvelist1nvd1ibm1osv1prion1github1