CVE-2022-24377

Published December 14th, 2022

View on NVD ↗

CVSS v3

7.4

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

The package cycle-import-check before 1.3.2 are vulnerable to Command Injection via the writeFileToTmpDirAndOpenIt function due to improper user-input sanitization.

Soontao/cycle-import-check

JS module circular dependency check tool

GitHub