2020-07-15 16:10:35
hackerone
PUBLISHED
Insufficient input validation in npm package `jison` <= 0.4.18 may lead to OS command injection attacks.