What the vulnerability does

01Description

fs-path node module before 0.0.25 is vulnerable to command injection by way of user-supplied inputs via the `copy`, `copySync`, `remove`, and `removeSync` methods.

Key dates

02Disclosure timeline

March 4, 2021 CVE published
August 4, 2024 Record updated

Related vulnerabilities

04Related CVE