CVE-2020-7712
This affects the package json before 10.0.0. It is possible to inject arbritary commands using the parseLookup function.
7.2CVSS
7.4AI Score
0.015EPSS