fs-path node module before 0.0.25 is vulnerable to command injection by way of user-supplied inputs via the copy
, copySync
, remove
, and removeSync
methods.
[
{
"product": "fs-path",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in 0.0.25"
}
]
}
]