Node.js third-party modules: `fs-path` concatenates unsanitized input into exec()/execSync() commands

I would like to report command injection in fs-path. It allows to inject and execute arbitrary shell commands while performing various operations from fs-path API like copying files. Module module name: fs-path version: 0.0.24 npm page: https://www.npmjs.com/package/fs-path Module Description...