Filtered by vendor Codecept
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-57285 | 1 Codecept | 1 Codeceptjs | 2025-09-12 | 9.8 Critical |
| codeceptjs 3.7.3 contains a command injection vulnerability in the emptyFolder function (lib/utils.js). The execSync command directly concatenates the user-controlled directoryPath parameter without sanitization or escaping, allowing attackers to execute arbitrary commands. | ||||
Page 1 of 1.