VulnerableCode Package Details - pkg:npm/libnotify@1.0.4

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:npm/libnotify@1.0.4

Essentials
History (2)

purl	pkg:npm/libnotify@1.0.4

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-tjc9-6eex-4fh7	Potential Command Injection Untrusted input passed in the call to libnotify.notify could result in execution of shell commands. Callers may be unaware of this. ### Example ``` var libnotify = require('libnotify') libnotify.notify('UNTRUSTED INPUT', { title: \"\" }, function () { console.log(arguments); }) ``` Special thanks to Neal Poole for submitting the pull request to fix this issue.	CVE-2013-7381
VCID-uwx6-kq7y-dfa4	Potential Command Injection Untrusted input passed in the call to libnotify.notify could result in execution of shell commands. Callers may be unaware of this.	GMS-2013-11

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-02T04:36:09.459020+00:00	GitLab Importer	Fixing	VCID-uwx6-kq7y-dfa4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/libnotify/GMS-2013-11.yml	38.6.0
2026-06-02T03:45:01.286960+00:00	Npm Importer	Fixing	VCID-tjc9-6eex-4fh7	https://github.com/nodejs/security-wg/blob/main/vuln/npm/20.json	38.6.0