Vulnerabilities > NPM Dependency Versions Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-12 | CVE-2022-29080 | OS Command Injection vulnerability in Npm-Dependency-Versions Project Npm-Dependency-Versions The npm-dependency-versions package through 0.3.0 for Node.js allows command injection if an attacker is able to call dependencyVersions with a JSON object in which pkgs is a key, and there are shell metacharacters in a value. | 9.8 |