Published
Last updated
NVD
7.2
CVSS CVSS_V3
This affects the package json before 10.0.0. It is possible to inject arbritary commands using the parseLookup function.