CVE-2023-29199: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
(updated )
Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) in vm2.
References
- gist.github.com/leesh3288/f05730165799bf56d70391f3d9ea187c
- github.com/advisories/GHSA-xj72-wvfv-8985
- github.com/patriksimek/vm2/commit/24c724daa7c09f003e556d7cd1c7a8381cb985d7
- github.com/patriksimek/vm2/issues/516
- github.com/patriksimek/vm2/releases/tag/3.9.16
- github.com/patriksimek/vm2/security/advisories/GHSA-xj72-wvfv-8985
Detect and mitigate CVE-2023-29199 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →