EPSS
Percentile
85.2%
@prisma/sdk is vulnerable to OS command injection. An attacker is able to inject and execute arbitrary code on the host OS by sending a malicious command via the function getPackedPackage.
getPackedPackage
github.com/prisma/prisma/commit/05e8c867aa20204d36e776c82a0cc0fcca25c83b
github.com/prisma/prisma/pull/6245
github.com/prisma/prisma/security/advisories/GHSA-pxcc-hj8w-fmm7
security.netapp.com/advisory/ntap-20210618-0003/