Critical severityNVD Advisory· Published Feb 20, 2023· Updated Mar 10, 2025
versionn Command Injection Vulnerability
CVE-2023-25805
Description
versionn, software for changing version information across multiple files, has a command injection vulnerability in all versions prior to version 1.1.0. This issue is patched in version 1.1.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
versionnnpm | < 1.1.0 | 1.1.0 |
Affected products
2- commenthol/versionnv5Range: < 1.1.0
Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-fj78-2vc5-f6cmghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-25805ghsaADVISORY
- github.com/commenthol/versionn/commit/2ca128823efe962b37f2698f0eb530c2b124842dghsax_refsource_MISCWEB
- github.com/commenthol/versionn/security/advisories/GHSA-fj78-2vc5-f6cmghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.