Improper Neutralization of Special Elements used in a Command ('Command Injection')
The package get-npm-package-version before 1.0.7 is vulnerable to Command Injection via main function in index.js.
Advisories for Npm/Get-Npm-Package-Version package
2022