Node-Notifier Project: Security Vulnerabilities
This affects the package node-notifier before 9.0.0. It allows an attacker to run arbitrary commands on Linux machines due to the options params not being sanitised when being passed an array.
CVSS Score
5.6
EPSS Score
0.002
Published
2020-12-11