Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-c6rx-gxqv-vr5j: nemo-appium vulnerable to OS Command Injection

Versions of the package nemo-appium before 0.0.9 are vulnerable to Command Injection due to improper input sanitization in the ‘module.exports.setup’ function.

Note: In order to exploit this vulnerability appium-running 0.1.3 has to be installed as one of nemo-appium dependencies.

ghsa
Open in Source
#vulnerability#git

nemo-appium vulnerable to OS Command Injection

High severity GitHub Reviewed Published Jan 31, 2023 to the GitHub Advisory Database • Updated Feb 1, 2023

Related news

CVE-2022-21129

Versions of the package nemo-appium before 0.0.9 are vulnerable to Command Injection due to improper input sanitization in the 'module.exports.setup' function. **Note:** In order to exploit this vulnerability appium-running 0.1.3 has to be installed as one of nemo-appium dependencies.

ghsa: Latest News

GHSA-p85q-mww9-gwqf: Citizen Short Description stored XSS vulnerability through wikitext
ghsa