CVE-2022-25908

Command Injection in create-choo-electron in npm/create-choo-electron

Identifiers

CVE-2022-25908, GHSA-j8wr-fwf2-vvr9

Package Slug

npm/create-choo-electron

Vulnerability

Command Injection in create-choo-electron

Description

All versions of the package create-choo-electron is vulnerable to Command Injection via the devInstall function due to improper user-input sanitization.

Affected Versions

All versions

Solution

Unfortunately, there is no solution available yet.

Last Modified

2023-01-27

source