Description
diskusage-ng through 0.2.4 is vulnerable to Command Injection.It allows execution of arbitrary commands via the path argument.
Remediation
References
https://github.com/iximiuz/node-diskusage-ng/blob/master/lib/posix.js#L11
https://snyk.io/vuln/SNYK-JS-DISKUSAGENG-564425
Related Vulnerabilities
CVE-2020-28052 Vulnerability in maven package org.bouncycastle:bcprov-debug-jdk15on
CVE-2022-31172 Vulnerability in npm package @openzeppelin/contracts-upgradeable
CVE-2022-24723 Vulnerability in npm package urijs
CVE-2022-38179 Vulnerability in maven package io.ktor:ktor-utils
CVE-2014-1202 Vulnerability in maven package com.smartbear.soapui:soapui-project