CVE-2020-8298

fs-path node module before 0.0.25 is vulnerable to command injection by way of user-supplied inputs via the copy, copySync, remove, and removeSync methods.