Versions of the package global-modules-path before 3.0.0 are vulnerable to Command Injection due to missing input sanitization or other checks and sandboxes being employed to the getPath function.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| global-modules-path(npm) | 0 | 3.0.0 | N/A |
CVSS Metrics
