Description
All versions of package launchpad are vulnerable to Command Injection via stop.
Remediation
References
https://github.com/bitovi/launchpad/issues/123%23issuecomment-732188118
https://github.com/bitovi/launchpad/pull/124
https://snyk.io/vuln/SNYK-JS-LAUNCHPAD-1044065
Related Vulnerabilities
CVE-2020-28168 Vulnerability in maven package org.webjars.npm:axios
CVE-2022-36907 Vulnerability in maven package org.jenkins-ci.plugins:openshift-deployer
CVE-2021-21181 Vulnerability in maven package org.webjars.npm:electron
CVE-2018-1000118 Vulnerability in npm package electron
CVE-2019-0205 Vulnerability in maven package org.webjars.npm:thrift