Advisories for Npm/@Hoppscotch/Cli package

This attack gives an attacker arbitrary command execution on the machine of a victim Hoppscotch CLI user. For the attack to succeed, an attacker has to lure the victim into downloading a malicious Hoppscotch collection and running it with the Hoppscotch CLI. This issue does not impact Hoppscotch Web or Desktop, as they use the safe web worker sandboxing approach.

This attack gives an attacker arbitrary command execution on the machine of a victim Hoppscotch CLI user. For the attack to succeed, an attacker has to lure the victim into downloading a malicious Hoppscotch collection and running it with the Hoppscotch CLI. This issue does not impact Hoppscotch Web or Desktop, as they use the safe web worker sandboxing approach.