Node.js versions before 18.20.4 are affected by CVE-2024-36138, a high-severity vulnerability. It allows attackers to inject arbitrary commands and achieve code execution by exploiting improper handling of batch files in `child_process.spawn` and `child_process.spawnSync`. To fix this issue, users must upgrade to version 18.20.4. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-36138.
Node.js: High Severity Command Injection Risk
by the Hossted team
11.09.2024
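The following audit helper is an added example, not code from the Node.js project or from this advisory. It checks a runtime version against the 18.20.4 fix named above and flags `spawn`/`spawnSync` call sites that launch a batch file directly. The function names, the sample source, and the reading of "batch files" as `.bat`/`.cmd` targets are assumptions; release lines other than 18.x return `null` because this advisory gives no fixed version for them.

```javascript
// Added example: audit helper for CVE-2024-36138 (not Node.js project code).
// FIXED_18 comes from the advisory; all other names are hypothetical.
const FIXED_18 = [18, 20, 4];

// Returns true (affected), false (patched) or null (unparseable, or a release
// line this advisory does not cover, so check the NVD entry instead).
function isAffected18(version) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)/.exec(String(version).trim());
  if (!m) return null;
  const v = m.slice(1).map(Number);
  if (v[0] !== FIXED_18[0]) return null;
  for (let i = 1; i < 3; i++) {
    if (v[i] !== FIXED_18[i]) return v[i] < FIXED_18[i];
  }
  return false; // exactly 18.20.4
}

// Heuristic: spawn()/spawnSync() whose first argument is a string literal
// ending in .bat or .cmd. Commands built at runtime are not detected.
const BATCH_SPAWN = /\bspawn(?:Sync)?\s*\(\s*(['"`])([^'"`\n]*\.(?:bat|cmd))\1/gi;

function findBatchSpawns(source) {
  const hits = [];
  source.split(/\r?\n/).forEach((text, idx) => {
    BATCH_SPAWN.lastIndex = 0; // global regex keeps state between lines
    let m;
    while ((m = BATCH_SPAWN.exec(text)) !== null) {
      hits.push({ line: idx + 1, target: m[2] });
    }
  });
  return hits;
}

// Constructed sample input, not taken from any real project.
const SAMPLE = [
  "const { spawn, spawnSync } = require('child_process');",
  "spawn('deploy.bat', [userSuppliedArg]);",
  'spawnSync("scripts/build.CMD", args);',
  "spawn('node', ['server.js']);",
].join('\n');

function report(version = process.version, source = SAMPLE) {
  return { version, affected: isAffected18(version), batchSpawns: findBatchSpawns(source) };
}

console.log(JSON.stringify(report(), null, 2));
```

Call sites it reports are the ones to review first when the upgrade cannot be rolled out immediately, especially where arguments come from user input.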