Vulnerabilities > Cycle Import Check Project

DATE CVE VULNERABILITY TITLE RISK
2022-12-14 CVE-2022-24377 OS Command Injection vulnerability in Cycle-Import-Check Project Cycle-Import-Check
The package cycle-import-check before 1.3.2 are vulnerable to Command Injection via the writeFileToTmpDirAndOpenIt function due to improper user-input sanitization.
network
low complexity
cycle-import-check-project CWE-78
critical
9.8