Description
All versions of package launchpad are vulnerable to Command Injection via stop.
Remediation
References
https://github.com/bitovi/launchpad/issues/123%23issuecomment-732188118
https://github.com/bitovi/launchpad/pull/124
https://snyk.io/vuln/SNYK-JS-LAUNCHPAD-1044065
Related Vulnerabilities
CVE-2017-1000356 Vulnerability in maven package org.jenkins-ci.main:jenkins-core
CVE-2018-1327 Vulnerability in maven package org.apache.struts:struts2-rest-plugin
CVE-2022-45685 Vulnerability in maven package org.codehaus.jettison:jettison
CVE-2022-4375 Vulnerability in maven package net.mingsoft:ms-mcms
CVE-2020-7606 Vulnerability in npm package docker-compose-remote-api