Description
The gnuplot package prior to version 0.1.0 for Node.js allows code execution via shell metacharacters in Gnuplot commands.
Remediation
References
https://github.com/rkesters/gnuplot/commit/23671d4d3d28570fb19a936a6328bfac742410de
https://www.npmjs.com/package/%40rkesters/gnuplot
Related Vulnerabilities
CVE-2021-21349 Vulnerability in maven package com.thoughtworks.xstream:xstream
CVE-2022-36894 Vulnerability in maven package org.jenkins-ci.plugins:clif-performance-testing
CVE-2018-1000665 Vulnerability in maven package org.webjars:dojo
CVE-2021-3163 Vulnerability in npm package quill
CVE-2022-26336 Vulnerability in maven package org.apache.poi:poi-scratchpad