Description
OS Command Injection in GitHub repository ljharb/npm-lockfile in v2.0.3 and v2.0.4.
Remediation
References
https://github.com/ljharb/npm-lockfile/commit/bfdb84813260f0edbf759f2fde1e8c816c1478b8
https://huntr.dev/bounties/4f806dc9-2ecd-4e79-997e-5292f1bea9f1
Related Vulnerabilities
CVE-2023-5571 Vulnerability in npm package @vrite/sdk
CVE-2022-23622 Vulnerability in maven package org.xwiki.platform:xwiki-platform-web-templates
CVE-2023-46731 Vulnerability in maven package org.xwiki.platform:xwiki-platform-administration-ui
CVE-2016-2175 Vulnerability in maven package org.apache.pdfbox:preflight-app