CVE-2022-21191 - CERT CVE
ID CVE-2022-21191
Sažetak Versions of the package global-modules-path before 3.0.0 are vulnerable to Command Injection due to missing input sanitization or other checks and sandboxes being employed to the getPath function.
Reference
CVSS
Base: 9.8
Impact: 5.9
Exploitability:3.9
Pristup
VektorSloženostAutentikacija
NETWORK LOW -
Impact
PovjerljivostCjelovitostDostupnost
HIGH HIGH HIGH
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Zadnje važnije ažuriranje 07-11-2023 - 03:43
Objavljeno 13-01-2023 - 05:15