@cyclonedx/cdxgen@9.8.0 vulnerabilities
Creates CycloneDX Software Bill of Materials (SBOM) from source or container image
-
latest version
10.11.0
-
first published
2 years ago
-
latest version published
5 days ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the @cyclonedx/cdxgen package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
@cyclonedx/cdxgen is a Creates CycloneDX Software Bill of Materials (SBOM) from source or container image Affected versions of this package are vulnerable to Arbitrary Code Injection when run against an untrusted codebase, allowing execution of code contained within build-related files such as Note: This is a design limitation without an immediate fix. How to fix Arbitrary Code Injection? There is no fixed version for |
>=0.0.0
|