Description
All versions of package launchpad are vulnerable to Command Injection via stop.
Recommendation
No fix is available yet. Followings are affected versions:
- <= 0.7.5
References
Related Issues
- Command Injection in @theia/messages - CVE-2021-28162
- Command injection in github-todos - CVE-2021-44684
- Command Injection in lodash - lodash-es - CVE-2021-23337
- Command Injection in lodash - CVE-2021-23337
You might also like:
- Tags:
- npm
- launchpad
Anything's wrong? Let us know Last updated on January 27, 2023


