Command Injection
Overview Affected versions of this package are vulnerable to Command Injection via main function in index.js. PoC var a = require"get-npm-package-version"; a"& touch JHU"; Remediation Upgrade get-npm-package-version to version 1.0.7 or higher. References - GitHub Commit - NPM Package - Vulnerable...