Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Command Injection
Vulnerability Description
This affects all versions of package spritesheet-js. It depends on a vulnerable package platform-command. The injection point is located in line 32 in lib/generator.js, which is triggered by main entry of the package.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
N/A
Vulnerability Title
spritesheet.js 注入漏洞
Vulnerability Description
spritesheet.js是波兰Krzysztof-o(spritesheet.js)个人开发者的一个用node.js编写的命令行Spritesheet(又名Texture Atlas)生成器。提供Spritesheet(又名Texture Atlas)命令行生成。 spritsheet中存在注入漏洞。该漏洞源于lib/generator对用户输入数据的正确验证,未过滤或未正确过滤掉其中的特殊元素,导致系统或产品产生解析或解释方式错误。
CVSS Information
N/A
Vulnerability Type
N/A