Description
All versions of package launchpad are vulnerable to Command Injection via stop.
Recommendation
No fix is available yet. Followings are affected versions:
- <= 0.7.5
References
Related Issues
- Command Injection in lodash (GHSA-35jh-r3h4-6jhm) - CVE-2021-23337
- Command injection in google-it - CVE-2021-34083
- Command Injection Vulnerability - CVE-2021-21315
- json-logic-js Command Injection vulnerability - CVE-2021-4329
- Tags:
- npm
- launchpad
Anything's wrong? Let us know Last updated on January 27, 2023