CVE-2022-4864: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

December 30, 2022 (updated October 11, 2023)

Argument Injection in GitHub repository froxlor/froxlor prior to 2.0.0-beta1.

References

github.com/advisories/GHSA-3v7m-2jrh-vc93
github.com/froxlor/froxlor/commit/f2485ecd9aab8da544b5e12891d82ae6fcff5fc7
huntr.dev/bounties/b7140709-8f84-4f19-9463-78669fa2175b
nvd.nist.gov/vuln/detail/CVE-2022-4864

Code Behaviors & Features

Detect and mitigate CVE-2022-4864 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →