Description
umount through 1.1.6 is vulnerable to Command Injection. The argument device can be controlled by users without any sanitization.
Remediation
References
https://snyk.io/vuln/SNYK-JS-UMOUNT-564265
Related Vulnerabilities
CVE-2020-8127 Vulnerability in maven package org.webjars.bowergithub.hakimel:reveal.js
CVE-2023-26129 Vulnerability in npm package bwm-ng
CVE-2021-46365 Vulnerability in maven package info.magnolia:magnolia-core
CVE-2020-28472 Vulnerability in npm package aws-sdk
CVE-2019-10389 Vulnerability in maven package org.jenkins-ci.plugins:relution-publisher