[GHSA-6hr9-4692-fch9] OS Command Injection in effect

github / advisory-database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Creative Commons Attribution 4.0 International

1.67k stars 305 forks source link

[GHSA-6hr9-4692-fch9] OS Command Injection in effect #4487

Closed Fidget-Grep closed 1 month ago

Fidget-Grep commented 1 month ago

Updates

Affected products
Source code location

Comments This vulnerability is not related to the npm package "effect": https://www.npmjs.com/package/effect. It does not seem to be tied to a package manager at all. The GitHub project claims to be for the Node project "effect", but the actual npm package is entirely different. In addition, the Snyk advisory has revoked this vulnerability. This advisory should probably be withdrawn.

advisory-database[bot] commented 1 month ago

Hi @Fidget-Grep! Thank you so much for contributing to the GitHub Advisory Database. This database is free, open, and accessible to all, and it's people like you who make it great. Thanks for choosing to help others. We hope you send in more contributions in the future!