2020-07-10 15:37:18
hackerone
PUBLISHED
A command injection vulnerability in the `devcert` module may lead to remote code execution when users of the module pass untrusted input to the `certificateFor` function.