EPSS
Percentile
77.0%
Affected versions of growl do not properly sanitize input prior to passing it into a shell command, allowing for arbitrary command execution.
growl
Update to version 1.10.0 or later.
github.com/tj/node-growl
github.com/tj/node-growl/commit/d71177d5331c9de4658aca62e0ac921f178b0669
github.com/tj/node-growl/issues/60
github.com/tj/node-growl/pull/61
github.com/tj/node-growl/pull/62
nvd.nist.gov/vuln/detail/CVE-2017-16042
www.npmjs.com/advisories/146