CVE-2022-21191
npm/npm-node-utils
Improper Neutralization of Special Elements used in a Command ('Command Injection')
Versions of the package global-modules-path before 3.0.0 is vulnerable to Command Injection due to missing input sanitization or other checks and sandboxes being employed to the getPath function.
All versions before 3.0.0
Unfortunately, there is no solution available yet.
2023-01-23
source |