GMS-2019-124: Command Injection in fs-path

June 12, 2019 (updated September 14, 2022)

fs-path is vulnerable to command injection is unsanitized user input is passed in.

References

github.com/advisories/GHSA-gc94-6w89-hpqr
hackerone.com/reports/324491
nodesecurity.io/advisories/661
www.npmjs.com/advisories/661

Detect and mitigate GMS-2019-124 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →