Description
The gnuplot package prior to version 0.1.0 for Node.js allows code execution via shell metacharacters in Gnuplot commands.
Remediation
References
https://github.com/rkesters/gnuplot/commit/23671d4d3d28570fb19a936a6328bfac742410de
https://www.npmjs.com/package/%40rkesters/gnuplot
Related Vulnerabilities
CVE-2022-24728 Vulnerability in maven package org.webjars.npm:ckeditor4
CVE-2021-4264 Vulnerability in maven package org.webjars:dustjs-linkedin
CVE-2020-4038 Vulnerability in npm package graphql-playground-html
CVE-2022-43432 Vulnerability in maven package org.jenkins-ci.plugins:xframium
CVE-2021-32860 Vulnerability in maven package org.webjars.npm:izimodal