Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
npm-dependency-versions project npm-dependency-versions vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2022-29080
The npm-dependency-versions package up to and including 0.3.0 for Node.js allows command injection if an attacker is able to call dependencyVersions with a JSON object in which pkgs is a key, and there are shell metacharacters in a value.
Npm-dependency-versions Project Npm-dependency-versions
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started