Description
The gnuplot package prior to version 0.1.0 for Node.js allows code execution via shell metacharacters in Gnuplot commands.
Remediation
References
https://github.com/rkesters/gnuplot/commit/23671d4d3d28570fb19a936a6328bfac742410de
https://www.npmjs.com/package/%40rkesters/gnuplot
Related Vulnerabilities
CVE-2020-28479 Vulnerability in maven package org.webjars.bower:jointjs
CVE-2023-25499 Vulnerability in maven package com.vaadin:vaadin
CVE-2023-37277 Vulnerability in maven package org.xwiki.platform:xwiki-platform-web-war
CVE-2021-23900 Vulnerability in maven package com.mikesamuel:json-sanitizer
CVE-2023-37958 Vulnerability in maven package org.jenkins-ci.plugins:sumologic-publisher