Vulnerability Details CVE-2022-0841
OS Command Injection in GitHub repository ljharb/npm-lockfile in v2.0.3 and v2.0.4.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.018
EPSS Ranking 82.2%
CVSS Severity
CVSS v3 Score 3.8
CVSS v2 Score 10.0
References
- https://github.com/ljharb/npm-lockfile/commit/bfdb84813260f0edbf759f2fde1e8c816c1478b8
- https://huntr.dev/bounties/4f806dc9-2ecd-4e79-997e-5292f1bea9f1
- https://github.com/ljharb/npm-lockfile/commit/bfdb84813260f0edbf759f2fde1e8c816c1478b8
- https://huntr.dev/bounties/4f806dc9-2ecd-4e79-997e-5292f1bea9f1
Products affected by CVE-2022-0841
-
cpe:2.3:a:npm-lockfile_project:npm-lockfile:2.0.3
-
cpe:2.3:a:npm-lockfile_project:npm-lockfile:2.0.4