Signal K Server 代码注入漏洞

Signal K Server is a ship centralized server for Signal K open source. A code injection vulnerability exists in Signal K Server versions prior to 2.19.0, which stems from the appstore interface passing version parameters directly to npm without cleaning them up, which could lead to arbitrary code...