Identifier

CVE-2020-7688

Package Slug

npm/mversion

Vulnerability

OS Command Injection

Description

This issue occurs because tagName user input is formatted inside the exec function is executed without any checks.

Affected Versions

All versions before 2.0.1

Solution

Upgrade to version 2.0.1 or above.

Last Modified

2020-07-22

source