The package cycle-import-check before 1.3.2 are vulnerable to Command Injection via the writeFileToTmpDirAndOpenIt function due to improper user-input sanitization.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: snyk
Published: 2022-12-15T03:44:03.964951Z
Updated: 2024-09-16T19:10:17.597Z
Reserved: 2022-02-24T00:00:00
Link: CVE-2022-24377
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-12-14T05:15:11.283
Modified: 2023-08-08T14:21:49.707
Link: CVE-2022-24377
Redhat
No data.