CVE-2022-21191

Improper Neutralization of Special Elements used in a Command ('Command Injection') in npm/npm-node-utils

Identifiers

CVE-2022-21191

Package Slug

npm/npm-node-utils

Vulnerability

Improper Neutralization of Special Elements used in a Command ('Command Injection')

Description

Versions of the package global-modules-path before 3.0.0 is vulnerable to Command Injection due to missing input sanitization or other checks and sandboxes being employed to the getPath function.

Affected Versions

All versions before 3.0.0

Solution

Unfortunately, there is no solution available yet.

Last Modified

2023-01-23

source