All versions of package launchpad are vulnerable to Command Injection via stop.