guarddog@3.0.0a1

GuardDog is a CLI tool for identifying malicious open source packages

  • latest version

    2.10.0

  • first published

    3 years ago

  • latest version published

    1 month ago

  • licenses detected

  • Direct Vulnerabilities

    Known vulnerabilities in the guarddog package. This does not include vulnerabilities belonging to this package’s dependencies.

    Vulnerability | Vulnerable Version
    • M
    Improper Encoding or Escaping of Output

    guarddog (GuardDog) is a CLI tool to identify malicious PyPI packages.

    Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output via the process that renders human-readable scan results, which includes attacker-controlled values such as filenames, file locations, messages, and code snippets without escaping terminal control characters. An attacker can manipulate terminal output, inject misleading or spoofed log content, or trigger unintended terminal behaviors by supplying specially crafted package content containing escape sequences.

    How to fix Improper Encoding or Escaping of Output?

    There is no fixed version for guarddog.

    Vulnerable versions: [2.6.0,)
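
One way to neutralize the terminal control characters described above before scan results are printed, as an added example (not GuardDog's code and not an official fix). The finding field names and the sample values are constructed assumptions.

```python
import unicodedata

# Constructed finding whose fields carry escape sequences; the field names
# are assumptions for this example, not GuardDog's result schema.
HOSTILE_FINDING = {
    "location": "pkg/setup.py\x1b[2K\r0 potentially malicious indicators found",
    "message": "exec of base64 payload\nINFO: scan finished, package is clean",
    "code": "import os\n\x1b]0;spoofed title\x07os.system(cmd)\t# run\x9b31m",
}


def escape_controls(text: str, keep: str = "") -> str:
    """Replace every control character (Unicode category Cc: C0, DEL, C1)
    with a visible \\xNN escape, except characters listed in `keep`."""
    out = []
    for ch in text:
        if ch not in keep and unicodedata.category(ch) == "Cc":
            out.append(f"\\x{ord(ch):02x}")
        else:
            out.append(ch)
    return "".join(out)


def render_finding(finding: dict) -> str:
    """Build the human-readable report for one finding from escaped fields."""
    # Single-line fields: escape newlines too, so a value cannot forge extra
    # report or log lines.
    location = escape_controls(finding["location"])
    message = escape_controls(finding["message"])
    # Snippets are legitimately multi-line: keep \n and \t, escape the rest.
    snippet = escape_controls(finding["code"], keep="\n\t")
    indented = "\n".join("    " + line for line in snippet.split("\n"))
    return f"{message} at {location}:\n{indented}"


if __name__ == "__main__":
    print(render_finding(HOSTILE_FINDING))
```

Until a fixed version exists, the same escaping can be applied to human-readable output after the fact, or the results can be consumed in a machine-readable form and rendered through a filter like this one.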