aliyundrive-webdav@2.3.3 vulnerabilities

WebDAV server for AliyunDrive

Direct Vulnerabilities

Known vulnerabilities in the aliyundrive-webdav package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • C
Arbitrary Command Injection

aliyundrive-webdav is a WebDAV server for AliyunDrive

Affected versions of this package are vulnerable to Arbitrary Command Injection via the action_query_qrcode() function, whose sid parameter can be used to pass in OS commands.

How to fix Arbitrary Command Injection?

There is no fixed version for aliyundrive-webdav.

[0,)