Description
Lack of output sanitization allowed an attacker to execute arbitrary shell commands via the logkitty npm package before version 0.7.1.
Remediation
References
https://hackerone.com/reports/825729