CVE-2021-34078

Published June 2nd, 2022

View on NVD ↗

CVSS v3

8.8

HIGH

CVSS v2

9.3

HIGH

Affected

PROJECT

Description

lifion-verify-dependencies through 1.1.0 is vulnerable to OS command injection via a crafted dependency name on the scanned project's package.json file.

lifion/lifion-verify-deps

Checks that installed NPM modules are the latest currently available version.

GitHub