VDB
KO
CRITICAL 9.8

GHSA-3hq6-rmv7-39vh

Injection in op-browser

Details

op-browser through 1.0.9 is vulnerable to Command Injection. It allows execution of arbitrary commands via the url function.

Are you affected?

Enter the version of the package you're using.

Affected packages

npm / op-browser
Introduced in: 0

No fixed version published yet for op-browser (npm). Pin to a known-safe version or switch to an alternative.

References