CRITICAL 9.8
GHSA-c5hm-xc74-pqrg
OS Command Injection in jscover
Details
jscover through 1.0.0 is vulnerable to Command Injection. It allows execution of arbitrary command via the source argument.
Are you affected?
Enter the version of the package you're using.
Affected packages
npm / jscover
Introduced in:
0 No fixed version published yet for jscover (npm). Pin to a known-safe version or switch to an alternative.