CVE-2020-7782
CVE-2020-7782 affects spritesheet-js and enables command injection via the vulnerable platform-command dependency. The injection point is at lib/generator.js:32 (triggered by the package main entry). Public advisories confirm a CLI-oriented command-injection risk with PoC, and multiple sources st...