First published: Thu Apr 02 2020(Updated: )
install-package through 0.4.0 is vulnerable to Command Injection. It allows execution of arbitrary commands via the options argument.
Credit: report@snyk.io
Affected Software | Affected Version | How to fix |
---|---|---|
Install-package Project Install-package | <=0.4.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.