Description
OS Command Injection in GitHub repository ljharb/npm-lockfile in v2.0.3 and v2.0.4.
Remediation
References
https://github.com/ljharb/npm-lockfile/commit/bfdb84813260f0edbf759f2fde1e8c816c1478b8
https://huntr.dev/bounties/4f806dc9-2ecd-4e79-997e-5292f1bea9f1
Related Vulnerabilities
CVE-2023-47324 Vulnerability in maven package org.silverpeas.core:silverpeas-core-rs
CVE-2020-14968 Vulnerability in maven package org.webjars.bowergithub.kjur:jsrsasign
CVE-2015-0250 Vulnerability in maven package org.apache.xmlgraphics:batik-dom
CVE-2023-5104 Vulnerability in npm package nocodb
CVE-2020-26272 Vulnerability in maven package org.webjars.npm:electron