Command Injection

is-http2 is vulnerable to Command Injection. The vulnerability exists in the Promise function of index.js due to missing input sanitization which allows an attacker to inject and execute arbitrary commands into the system...