An issue found in Stoqey gnuplot v.0.0.3 and earlier allows attackers to execute arbitrary code via the src/index.ts, plotCallack, child_process, and/or filePath parameter(s).
{ "github_reviewed_at": "2023-03-10T21:52:17Z", "github_reviewed": true, "nvd_published_at": "2023-03-10T16:15:00Z", "cwe_ids": [ "CWE-77" ], "severity": "CRITICAL" }