Description
All versions of package launchpad are vulnerable to Command Injection via stop.
References (3)
Core 3
Core References
Third Party Advisory x_refsource_misc
https://snyk.io/vuln/SNYK-JS-LAUNCHPAD-1044065
Third Party Advisory x_refsource_misc
https://github.com/bitovi/launchpad/issues/123%23issuecomment-732188118
Exploit, Patch, Third Party Advisory x_refsource_misc
https://github.com/bitovi/launchpad/pull/124
Scores
CVSS v3
9.8
EPSS
0.0525
EPSS Percentile
91.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-78
Status
published
Products (27)
bitovi/launchpad
0.1.0
bitovi/launchpad
0.2.0
bitovi/launchpad
0.2.1
bitovi/launchpad
0.3.0
bitovi/launchpad
0.4.0
bitovi/launchpad
0.4.1
bitovi/launchpad
0.4.2
bitovi/launchpad
0.4.3
bitovi/launchpad
0.4.4
bitovi/launchpad
0.4.5
... and 17 more
Published
Feb 01, 2021
Tracked Since
Feb 18, 2026