Pedroetb

**Name of the Vulnerable Software and Affected Versions** pedroetb tts-api versions up to 2.1.4 **Description** A critical vulnerability has been found in the pedroetb tts-api, affecting the `onSpeechDone` function of the file app.js. This issue leads to os command injection. **Recommendations** For pedroetb tts-api versions up to 2.1.4, upgrade to version 2.2.0 to address this issue. As a temporary workaround, consider disabling the `onSpeechDone` function until a patch is available.