CRITICAL 9.8
GHSA-h33p-5j96-w8qh
OS Command Injection in gulkp-styledocco
Details
gulp-styledocco through 0.0.3 allows execution of arbitrary commands. The argument `options` of the exports function in `index.js` can be controlled by users without any sanitization.
Are you affected?
Enter the version of the package you're using.
Affected packages
npm / gulp-styledocco
Introduced in:
0 No fixed version published yet for gulp-styledocco (npm). Pin to a known-safe version or switch to an alternative.