CVE-2021-29300

The @ronomon/opened library before 1.5.2 is vulnerable to a command injection vulnerability which would allow a remote attacker to execute commands on the system if the library was used with untrusted input. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt