CVE-2021-29300
Affected component: @ronomon/opened (Node.js library) prior to version 1.5.2. Root cause: The module is vulnerable to command injection when untrusted input is used to form commands that are executed, enabling an attacker to run arbitrary commands on the host. Impact: Remote code execution risk o...