CVE-2021-26700

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in npm/vscode-npm-script

Identifiers

GHSA-r84v-qff8-jv5g, CVE-2021-26700

Package Slug

npm/vscode-npm-script

Vulnerability

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Description

Visual Studio Code npm-script Extension Remote Code Execution Vulnerability

Affected Versions

All versions before 0.3.15

Solution

Upgrade to version 0.3.15 or above.

Last Modified

2022-07-26

source