Description
All versions of package launchpad are vulnerable to Command Injection via stop.
Remediation
References
https://snyk.io/vuln/SNYK-JS-LAUNCHPAD-1044065
https://github.com/bitovi/launchpad/issues/123%23issuecomment-732188118
https://github.com/bitovi/launchpad/pull/124
Related Vulnerabilities
CVE-2017-16037 Vulnerability in npm package gomeplus-h5-proxy
CVE-2017-18197 Vulnerability in npm package mxgraph
CVE-2020-27219 Vulnerability in maven package org.eclipse.hawkbit:hawkbit-update-server
CVE-2017-12795 Vulnerability in maven package org.openmrs.module:htmlformentry-omod
CVE-2022-29822 Vulnerability in npm package feathers-sequelize