All versions of the package keep-module-latest are vulnerable to Command Injection due to missing input sanitization or other checks and sandboxes being employed to the installModule function. Note: To execute the code snippet and potentially exploit the vulnerability, the attacker needs to have th...
8.4CVSS
7.9AI Score
0.0004EPSS