CVE-2022-21165

Summary

All versions of package font-converter are vulnerable to Arbitrary Command Injection due to missing sanitization of input that potentially flows into the child_process.exec() function.

Affected Software

VendorProductVersion RangeStatus
n/afont-converter0 < unspecifiedaffected

Weaknesses

  • Arbitrary Command Injection

ADP Enrichment

CVE Program Container

Additional References

References