Injection Vulnerability
clamscan is vulnerable to Command Injection. It is possible to inject arbitrary commands as part of the _is_clamav_binary function located within Index.js.
Advisories for Npm/Clamscan package
2020
clamscan is vulnerable to Command Injection. It is possible to inject arbitrary commands as part of the _is_clamav_binary function located within Index.js.