[fs-path] Command Injection in fs-path

All versions of fs-path are vulnerable to command injection is unsanitized user input is passed in.

Recommendation

No fix is currently available for this vulnerability. It is our recommendation to not install or use this module until a fix is available.

References

• https://hackerone.com/reports/324491
• https://nodesecurity.io/advisories/661
• https://www.npmjs.com/advisories/661
• https://github.com/pillys/fs-path/pull/5
• https://github.com/advisories/GHSA-gc94-6w89-hpqr