CVE-2022-25171

The package p4 before 0.0.7 are vulnerable to Command Injection via the run() function due to improper input sanitization