Injection Vulnerability
node-mpv is vulnerable to Command Injection. It allows execution of arbitrary commands via the options argument.
Advisories for Npm/Node-Mpv package
2020
node-mpv is vulnerable to Command Injection. It allows execution of arbitrary commands via the options argument.