Workspace Tools
1 CVEs
product
Monthly
The package workspace-tools before 0.18.4 are vulnerable to Command Injection via git argument injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Command Injection
Workspace Tools
NVD
GitHub
CVSS 3.1
9.8
EPSS
6.8%
CVE-2022-25865
npm
EPSS 7%
CVSS 9.8
CRITICAL
POC
PATCH
Act Now
The package workspace-tools before 0.18.4 are vulnerable to Command Injection via git argument injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Command Injection
Workspace Tools
NVD
GitHub