Headline
GHSA-4h66-vghf-xg5x: get-npm-package-version Command Injection vulnerability
The package get-npm-package-version before 1.0.7 is vulnerable to Command Injection via the main function in index.js.
get-npm-package-version Command Injection vulnerability
Critical severity GitHub Reviewed Published Aug 3, 2022 • Updated Aug 10, 2022
Related news
CVE-2020-7795: get-npm-package-version
The package get-npm-package-version before 1.0.7 are vulnerable to Command Injection via main function in index.js.