CVE-2021-23352 in madge
Sumário
de MITRE • 10/03/2021
This affects the package madge before 4.0.1. It is possible to specify a custom Graphviz path via the graphVizPath option parameter which when the .image(), .svg() or .dot() functions are called, is executed by the childprocess.exec function.
If you want to get best quality of vulnerability data, you may have to visit VulDB.