CVE-2021-23352 in madge
Resumen
por MITRE • 2021-03-10
This affects the package madge before 4.0.1. It is possible to specify a custom Graphviz path via the graphVizPath option parameter which when the .image(), .svg() or .dot() functions are called, is executed by the childprocess.exec function.
If you want to get best quality of vulnerability data, you may have to visit VulDB.