Soontao/cycle-import-check

Releases16

Frequency2 months 1 week

Last Release over 3 years ago

Stars22

JS module circular dependency check tool

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-24377 ↗	Dec 14, 2022Wednesday, 14 December 2022, 05:15	7.4 HIGH	—
The package cycle-import-check before 1.3.2 are vulnerable to Command Injection via the writeFileToTmpDirAndOpenIt function due to improper user-input sanitization.