[DepShield] (CVSS 8.8) Vulnerability due to usage of growl:1.9.2

**Vulnerabilities**

DepShield reports that this application's usage of [growl:1.9.2](https://ossindex.sonatype.org/component/pkg:npm/growl@1.9.2) results in the following vulnerability(s):

- (CVSS **8.8**) [CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')](https://ossindex.sonatype.org/vuln/c513f639-8d36-411d-96d2-6c98e76e9838)
- (CVSS **8.8**) [CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')](https://ossindex.sonatype.org/vuln/a08be805-accd-4f75-8693-f9836736ff78)

<hr />

**Occurrences**

growl:1.9.2 is a transitive dependency introduced by the following direct dependency(s):

• **[mocha:3.5.3](https://ossindex.sonatype.org/component/pkg:npm/mocha@3.5.3)**
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;└─ [growl:1.9.2](https://ossindex.sonatype.org/component/pkg:npm/growl@1.9.2)

<sub>This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for [personal](https://help.github.com/articles/managing-your-personal-account-s-apps/) and [organization](https://help.github.com/articles/managing-your-organization-s-apps/) accounts. Please submit questions or feedback about DepShield to the [Sonatype DepShield Community](https://community.sonatype.com/c/depshield).</sub>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[DepShield] (CVSS 8.8) Vulnerability due to usage of growl:1.9.2 #37

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[DepShield] (CVSS 8.8) Vulnerability due to usage of growl:1.9.2 #37

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions