2 matches found
GHSA-QM28-7HQV-WG5J OS Command Injection in ng-packagr
The package ng-packagr before 10.1.1 are vulnerable to Command Injection via the styleIncludePaths option...
Command Injection
Overview ng-packagr is a Compile and package a TypeScript library to Angular Package Format Affected versions of this package are vulnerable to Command Injection via the styleIncludePaths option. Remediation Upgrade ng-packagr to version 10.1.1 or higher. References - GitHub Commit Credit: Snyk...