CVE-2021-33360

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in npm/@stoqey/gnuplot

Identifiers

GHSA-795w-7426-m94j, CVE-2021-33360

Package Slug

npm/@stoqey/gnuplot

Vulnerability

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Description

An issue found in Stoqey gnuplot v.0.0.3 and earlier allows attackers to execute arbitrary code via the src/index.ts, plotCallack, child_process, and/or filePath parameter(s).

Affected Versions

All versions up to 0.0.3

Solution

Unfortunately, there is no solution available yet.

Last Modified

2023-03-13

source