An issue found in Stoqey gnuplot v.0.0.3 and earlier allows attackers to execute arbitrary code via the src/index.ts, plotCallack, child_process, and/or filePath parameter(s).
{
"cwe_ids": [
"CWE-77"
],
"severity": "CRITICAL",
"nvd_published_at": "2023-03-10T16:15:00Z",
"github_reviewed": true,
"github_reviewed_at": "2023-03-10T21:52:17Z"
}