Description

This affects all versions of package freediskspace. The vulnerability arises out of improper neutralization of arguments in line 71 of freediskspace.js.

Remediation

References

https://snyk.io/vuln/SNYK-JS-FREEDISKSPACE-1040716

Related Vulnerabilities

CVE-2018-1000174 Vulnerability in maven package org.jenkins-ci.plugins:google-login

CVE-2017-16058 Vulnerability in npm package gruntcli

CVE-2018-1000644 Vulnerability in maven package org.eclipse.rdf4j:rdf4j-rio-rdfxml

CVE-2019-0225 Vulnerability in maven package org.apache.jspwiki:jspwiki-builder

CVE-2020-7740 Vulnerability in npm package node-pdf-generator

Severity

Critical

Classification

CWE-78

Tags

Third Party Advisory