Описание
OS Command Injection in gulp-tape
gulp-tape through 1.0.0 allows execution of arbitrary commands. It is possible to inject arbitrary commands as part of gulp-tape options.
Пакеты
Наименование
gulp-tape
npm
Затронутые версииВерсия исправления
<= 1.0.0
Отсутствует
Связанные уязвимости
CVSS3: 9.8
nvd
почти 6 лет назад
gulp-tape through 1.0.0 allows execution of arbitrary commands. It is possible to inject arbitrary commands as part of 'gulp-tape' options.