Dremig

#26125 of 53,624
9.8 Total CVSS
Vulnerabilities · 1
PT-2025-36489
9.8
2025-09-08
Unknown · Codeceptjs · CVE-2025-57285
Name of the Vulnerable Software and Affected Versions: codeceptjs version 3.7.3

Description: codeceptjs version 3.7.3 contains a command injection issue in the `emptyFolder` function located in `lib/utils.js`. The `execSync` command directly concatenates the user-controlled `directoryPath` parameter without sanitization or escaping, potentially allowing attackers to execute arbitrary commands.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.