CVEs (1)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Npm Programmatic Project 1Npm Programmatic Nov 21, 2024 Apr 7, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 npm-programmatic through 0.0.12 is vulnerable to Command Injection.The packages and option properties are concatenated together without any validation and are used by the 'exec' function directly. |