google-cloudstorage-commands@0.0.1

Vulnerabilities

1 via 1 paths

Dependencies

Source

npm

Find, fix and prevent vulnerabilities in your code.

Severity
  • 1
Status
  • 1
  • 0
  • 0

high severity

Command Injection

  • Vulnerable module: google-cloudstorage-commands
  • Introduced through: google-cloudstorage-commands@0.0.1

Detailed paths

  • Introduced through: google-cloudstorage-commands@0.0.1

Overview

Affected versions of this package are vulnerable to Command Injection.

PoC

var root = require("google-cloudstorage-commands");
root.upload("./","& touch JHU", true);

Remediation

There is no fixed version for google-cloudstorage-commands.

References