Description
The package ng-packagr before 10.1.1 are vulnerable to Command Injection via the styleIncludePaths option.
Remediation
References
https://github.com/ng-packagr/ng-packagr/commit/bda0fff3443301f252930a73fdc8fb9502de596d
https://snyk.io/vuln/SNYK-JS-NGPACKAGR-1012427
Related Vulnerabilities
CVE-2022-36099 Vulnerability in maven package org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki
CVE-2022-21129 Vulnerability in npm package nemo-appium
CVE-2021-21368 Vulnerability in maven package org.webjars.npm:msgpack5
CVE-2022-25927 Vulnerability in maven package org.webjars.npm:github-com-faisalman-ua-parser-js
CVE-2018-1000632 Vulnerability in maven package org.jenkins-ci.dom4j:dom4j