Insufficient input validation in npm package `jison` <= 0.4.18 may lead to OS command injection attacks.
jison project jison