All versions of the package create-choo-electron are vulnerable to Command Injection via the devInstall function due to improper user-input sanitization.
Metrics
Affected Vendors & Products
References
History
Tue, 01 Apr 2025 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-77 | |
Metrics |
ssvc
|

Status: PUBLISHED
Assigner: snyk
Published: 2023-01-24T05:00:01.702Z
Updated: 2025-04-01T15:30:09.604Z
Reserved: 2022-02-24T11:58:25.166Z
Link: CVE-2022-25908

Updated: 2024-08-03T04:49:44.155Z

Status : Modified
Published: 2023-01-26T21:15:31.873
Modified: 2025-04-01T16:15:16.030
Link: CVE-2022-25908

No data.