Описание
Command Injection in command-exists
Versions of command-exists before 1.2.4 are vulnerable to command injection. This is exploitable if user input is provided to this module.
Recommendation
Update to version 1.2.4 or later.
Пакеты
Наименование
command-exists
npm
Затронутые версииВерсия исправления
< 1.2.4
1.2.4
Дефекты
CWE-77
Дефекты
CWE-77