Npm Lockfile
1 CVEs
product
Monthly
OS Command Injection in GitHub repository ljharb/npm-lockfile in v2.0.3 and v2.0.4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Command Injection
Node.js
Npm Lockfile
NVD
GitHub
CVSS 3.1
9.8
EPSS
2.7%
CVE-2022-0841
npm
EPSS 3%
CVSS 9.8
CRITICAL
POC
PATCH
Act Now
OS Command Injection in GitHub repository ljharb/npm-lockfile in v2.0.3 and v2.0.4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Command Injection
Node.js
Npm Lockfile
NVD
GitHub