Find real vulnerabilities before they ship
Vulnerability Database › npm › CVE-2020-7730
The package bestzip before 2.1.7 are vulnerable to Command Injection via the options param.