GHSA-4xrw-wvmq-8jmhCriticalCVSS 9.8
OS Command Injection in node-key-sender
🔗 CVE IDs covered (1)
📋 Description
node-key-sender through 1.0.11 is vulnerable to Command Injection. It allows execution of arbitrary commands via the 'arrParams' argument in the 'execute()' function.
🎯 Affected products1
- npm/node-key-sender:<= 1.0.11