EPSS
Percentile
87.7%
clamscan is vulnerable to OS Command Injection. The vulnerability exists through the _is_clamav_binary function in index.js.
_is_clamav_binary
index.js
github.com/kylefarris/clamscan/blob/master/index.js#L34