VYPR

npm package

@google/clasp

pkg:npm/%40google/clasp

Vulnerabilities (1)

  • CVE-2026-4092HigMar 13, 2026
    affected < 3.2.0fixed 3.2.0

    Path Traversal in Clasp impacting versions < 3.2.0 allows a remote attacker to perform remote code execution via a malicious Google Apps Script project containing specially crafted filenames with directory traversal sequences.