Affecting org.webjars.npm:node-notifier artifact, versions [,9.0.0)Report new vulnerabilities
org.webjars.npm:node-notifier is an A Node.js module for sending notifications on native Mac, Windows (post and pre 8) and Linux (or Growl as fallback)
Affected versions of this package are vulnerable to Command Injection. It allows an attacker to run arbitrary commands on Linux machines due to the
options params not being sanitised when being passed an array.
org.webjars.npm:node-notifier to version 9.0.0 or higher.