[s3-uploader] OS Command Injection in s3-uploader

OS command injection vulnerability in Turistforeningen node-s3-uploader through 2.0.3 for Node.js allows attackers to execute arbitrary commands via the metadata() function.

References

• https://nvd.nist.gov/vuln/detail/CVE-2021-34084
• https://advisory.checkmarx.net/advisory/CX-2021-4776
• https://github.com/advisories/GHSA-gwp3-f7mr-qpfv