MidnightBSD

Advisories for global-modules-path_project

CVE-2022-21191

Versions of the package global-modules-path before 3.0.0 are vulnerable to Command Injection due to missing input sanitization or other checks and sandboxes being employed to the getPath function.

Products Affected

Vendor Product Version
global-modules-path_project global-modules-path *