Command Injection
Overview Affected versions of this package are vulnerable to Command Injection via the writeFileToTmpDirAndOpenIt function due to improper user-input sanitization. PoC js var root = require"cycle-import-check" root.writeFileToTmpDirAndOpenIt"& touch JHU ", "aaa" Remediation Upgrade...