PT-2026-56413 · Christopherthielen · Check-Peer-Dependencies

Dremig

·

Publicado

2026-07-08

·

Atualizado

2026-07-08

·

CVE-2026-15033

CVSS v2.0

6.5

Média

VetorAV:N/AC:L/Au:S/C:P/I:P/A:P
A flaw has been found in christopherthielen check-peer-dependencies up to 4.3.4. Affected by this vulnerability is the function shelljs.exec of the file dist/packageUtils.js of the component peerDependencies. This manipulation causes os command injection. The attack may be initiated remotely. The project was informed of the problem early through an issue report but has not responded yet.

Correção

Command Injection

OS Command Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

Enumeração de Fraquezas

Identificadores relacionados

CVE-2026-15033

Produtos afetados

Check-Peer-Dependencies