nadesiko3@3.1.23 vulnerabilities

Japanese Programming Language

  • latest version

    3.6.37

  • latest non vulnerable version

  • first published

    7 years ago

  • latest version published

    18 days ago

  • licenses detected

  • Direct Vulnerabilities

    Known vulnerabilities in the nadesiko3 package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • H
    Command Injection

    nadesiko3 is a Japanese Programming Language

    Affected versions of this package are vulnerable to Command Injection which allows a remote attacker to execute an arbitrary OS command when processing compression and decompression on the product.

    How to fix Command Injection?

    Upgrade nadesiko3 to version 3.3.62 or higher.

    <3.3.62
    • H
    Denial of Service (DoS)

    nadesiko3 is a Japanese Programming Language

    Affected versions of this package are vulnerable to Denial of Service (DoS) due to an improper check or handling of exceptional conditions vulnerability in Nako3edit, which allows a remote attacker to inject an invalid value to decodeURIComponent.

    How to fix Denial of Service (DoS)?

    Upgrade nadesiko3 to version 3.3.75 or higher.

    <3.3.75
    • H
    Command Injection

    nadesiko3 is a Japanese Programming Language

    Affected versions of this package are vulnerable to Command Injection as Nako3edit allows a remote attacker to obtain an appkey and execute arbitrary OS commands.

    How to fix Command Injection?

    Upgrade nadesiko3 to version 3.3.75 or higher.

    <3.3.75