CVE-2020-7775: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

April 13, 2021

This affects all versions of package freediskspace. The vulnerability arises out of improper neutralization of arguments in line of freediskspace.js.

References

github.com/advisories/GHSA-4gfq-6m28-m5mg
nvd.nist.gov/vuln/detail/CVE-2020-7775
snyk.io/vuln/SNYK-JS-FREEDISKSPACE-1040716

Detect and mitigate CVE-2020-7775 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →