CVE-2022-25908

All versions of the package create-choo-electron are vulnerable to Command Injection via the devInstall function due to improper user-input sanitization.
References
Link Resource
https://security.snyk.io/vuln/SNYK-JS-CREATECHOOELECTRON-3157953 Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:create-choo-electron_project:create-choo-electron:*:*:*:*:*:node.js:*:*

Information

Published : 2023-01-26 09:15

Updated : 2023-02-02 06:25


NVD link : CVE-2022-25908

Mitre link : CVE-2022-25908

Products Affected
No products.
CWE