CVE-2020-4066, GHSA-77qv-gh6f-pgh4
npm/limdu
OS Command Injection
In Limdu, the trainBatch
function has a command injection vulnerability. Clients of the Limdu library are unlikely to be aware of this, so they might unwittingly write code that contains a vulnerability.
All versions before 0.95
Upgrade to version 0.95 or above.
2020-07-02
source |