Severity: Critical
CVSS Score: 9.8
The package bestzip before 2.1.7 are vulnerable to Command Injection via the options param.