npm›vscode-npm-script›CVE-2021-267007.8 HIGHImproper Neutralization of Special Elements used in an OS Command ('OS Command Injection')Visual Studio Code npm-script Extension Remote Code Execution Vulnerability