Command Injection
The package bestzip is vulnerable to Command Injection via the options param.
Advisories for Npm/Bestzip package
2020
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in bestzip.