CVE-2022-0841 LOW

CVE-2022-0841: OS Command Injection in ljharb/npm-lockfile

Vendor Ljharb

Product ljharb/npm-lockfile

Weakness CWE-78

Published March 3, 2022

Last update August 2, 2024

CVSS base score

3.8/10

Attack vector Adjacent

Attack complexity Low

Privileges required None

User interaction Required

Confidentiality None

Integrity Low

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N

What the vulnerability does

01Description

OS Command Injection in GitHub repository ljharb/npm-lockfile in v2.0.3 and v2.0.4.

Key dates

March 3, 2022 CVE published

August 2, 2024 Record updated

External resources

Related vulnerabilities

CVE CVE-2022-0841

CWE CWE-78

CVSS 3.8 / LOW

Vendor Ljharb

Product ljharb/npm-lockfile

Affected 2.0.3

Vendor Ljharb

Product ljharb/npm-lockfile

Affected 2.0.4