CVE-2022-21191

Published
View on NVD ↗
CVSS v3
7.4
HIGH
CVSS v2
N/A
Affected
2
PROJECTS

Description

Versions of the package global-modules-path before 3.0.0 are vulnerable to Command Injection due to missing input sanitization or other checks and sandboxes being employed to the getPath function.

rosen-vladimirov/global-modules-path
rosen-vladimirov/global-modules-path
Returns path to globally installed package
GitHubGitHub
1
lorenzomigliorero/npm-node-utils
lorenzomigliorero/npm-node-utilsUNAVAILABLE
A little utility to get info about installed and remote npm packages.
GitHubGitHub