Critical severityNVD Advisory· Published Dec 5, 2022· Updated Apr 24, 2025
CVE-2022-41642
CVE-2022-41642
Description
OS command injection vulnerability in Nadesiko3 (PC Version) v3.3.61 and earlier allows a remote attacker to execute an arbitrary OS command when processing compression and decompression on the product.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
nadesiko3npm | < 3.3.69 | 3.3.69 |
Affected products
2- Range: v3.3.61 and earlier
Patches
Vulnerability mechanics
References
10- github.com/advisories/GHSA-m8r5-7wf4-63mwghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-41642ghsaADVISORY
- github.com/kujirahand/nadesiko3/commit/124871c064cfc65cdcd83205637e84fc246c76dfghsaWEB
- github.com/kujirahand/nadesiko3/commit/56ccfb2f9cceaec83e6a9d3024c3ba8c54ebe1a4ghsaWEB
- github.com/kujirahand/nadesiko3/commit/61a70792752a75b7f71df214e98a236721ea3fa6ghsaWEB
- github.com/kujirahand/nadesiko3/issues/1325ghsaWEB
- github.com/kujirahand/nadesiko3/issues/1347ghsaWEB
- github.com/kujirahand/nadesiko3/releases/tag/3.3.62ghsaWEB
- github.com/kujirahand/nadesiko3/releases/tag/3.3.69ghsaWEB
- jvn.jp/en/jp/JVN56968681/index.htmlghsaWEB
News mentions
0No linked articles in our index yet.