CRITICAL 9.8
GHSA-3hq6-rmv7-39vh
Injection in op-browser
Details
op-browser through 1.0.9 is vulnerable to Command Injection. It allows execution of arbitrary commands via the url function.
Are you affected?
Enter the version of the package you're using.
Affected packages
npm / op-browser
Introduced in:
0 No fixed version published yet for op-browser (npm). Pin to a known-safe version or switch to an alternative.