install-package is vulnerable to remote code execution (RCE). The attack is possible due to lack of sanitization of options
parameter, allowing an attack to take the control of it and execute malicious code.
CPE | Name | Operator | Version |
---|---|---|---|
install-package | le | 0.4.0 |