0.01 Low
EPSS
Percentile
83.4%
enpeem is vulnerable to remote code execution. The attack is possible because the options.dir values are not escaped, allowing an attacker to inject and execute arbitrary commands via the exec function.
options.dir
exec
github.com/advisories/GHSA-hmw2-mvvh-jf5j
github.com/balderdashy/enpeem/blob/master/index.js#L114