jison

vulnerability command injection
severity 3.8
language javascript
registry npm

Overview

jison is a package that provides an API for creating parsers in JavaScript.

Affected versions of this package are vulnerable to Command Injection. Arbitrary OS shell command execution is possible through a crafted command-line argument.

References