CVE-2018-3772

Severity CVSS v4.0:
Pending analysis
Type:
CWE-77 Command Injection
Publication date:
30/07/2018
Last modified:
17/06/2026

Description

Concatenating unsanitized user input in the `whereis` npm module

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:whereis_project:whereis:*:*:*:*:*:node.js:*:* 0.4.1 (excluding)