GHSA-QWP8-X4FF-5H87 ZX Allows Environment Variable Injection for dotenv API
Impact This vulnerability is an Environment Variable Injection issue in dotenv.stringify, affecting google/zx version 8.3.1. An attacker with control over environment variable values can inject unintended environment variables into process.env. This can lead to arbitrary command execution or...