0.003 Low
EPSS
Percentile
65.4%
csv-safe is vulnerable to CSV injection. The library doesn’t properly filter out special characters in str parameter which allows remote attackers to inject and execute malicious payloads on target system.
str
github.com/zvory/csv-safe
github.com/zvory/csv-safe/commit/b50b22c9abb903a80fbd3dc06076c7c22d62b6b2
github.com/zvory/csv-safe/issues/7
github.com/zvory/csv-safe/pull/8