0.001 Low
EPSS
Percentile
48.0%
bestzip is vulnerable to OS command injection. A remote attacker is able to inject and execute arbitrary OS commands on the host OS via the destination parameter.
destination
github.com/nfriedly/node-bestzip/commit/45d4a901478c6a8f396c8b959dd6cf8fd3f955b6
www.npmjs.com/advisories/1554
www.npmjs.com/advisories/1685