npm package
npm-programmatic
pkg:npm/npm-programmatic
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-7614 | — | <= 0.0.12 | — | Apr 7, 2020 | npm-programmatic through 0.0.12 is vulnerable to Command Injection.The packages and option properties are concatenated together without any validation and are used by the 'exec' function directly. |
- CVE-2020-7614Apr 7, 2020affected <= 0.0.12
npm-programmatic through 0.0.12 is vulnerable to Command Injection.The packages and option properties are concatenated together without any validation and are used by the 'exec' function directly.