aliyundrive-webdav@0.1.5 vulnerabilities

WebDAV server for AliyunDrive

Direct Vulnerabilities

Known vulnerabilities in the aliyundrive-webdav package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • C
Arbitrary Command Injection

aliyundrive-webdav is a WebDAV server for AliyunDrive

Affected versions of this package are vulnerable to Arbitrary Command Injection via the action_query_qrcode() function, whose sid parameter can be used to pass in OS commands.

How to fix Arbitrary Command Injection?

There is no fixed version for aliyundrive-webdav.

[0,)