Versions of the package nemo-appium before 0.0.9 are vulnerable to Command Injection due to improper input sanitization in the 'module.exports.setup' function. **Note:** In order to exploit this vulnerability appium-running 0.1.3 has to be installed as one of nemo-appium dependencies.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| nemo-appium(npm) | 0 | 0.0.9 | N/A |
CVSS Metrics
