0.002 Low
EPSS
Percentile
64.9%
There is a command injection vulnerability in all versions of package buns. The injection point is located in line 678 in index file lib/index.js in the exported function install(requestedModule).
nvd.nist.gov/vuln/detail/CVE-2020-7794
snyk.io/vuln/SNYK-JS-BUNS-1050389