[curljs] curljs Command Injection vulnerability

A command injection vulnerability affects all versions of the package curljs.

References

• https://nvd.nist.gov/vuln/detail/CVE-2020-28425
• https://security.snyk.io/vuln/SNYK-JS-CURLJS-1050404
• https://github.com/advisories/GHSA-cqfc-9452-r36j