12 matches found
EUVD-2021-0787
Malware in sbrugna...
CVE-2019-10799
compile-sass prior to 1.0.5 allows execution of arbritary commands. The function "setupCleanupOnExitcssPath" within "dist/index.js" is executed as part of the "rm" command without any sanitization...
OS Command Injection in compile-sass
compile-sass prior to 1.0.5 allows execution of arbritary commands. The function "setupCleanupOnExitcssPath" within "dist/index.js" is executed as part of the "rm" command without any sanitization...
@codinger/build-helper (=1.0.2-rc.1), @onepointfour-npm/pollyfiller (>=1.0.10 <=1.2.3) potentially affected by CVE-2019-10799 via compile-sass (=0.1.4)
compile-sass NPM version =0.1.4 is affected by a known vulnerability. The following packages have a transitive dependency on compile-sass and may be impacted: - @codinger/build-helper =1.0.2-rc.1 - @onepointfour-npm/pollyfiller =1.0.10, =1.2.3 Source cves: CVE-2019-10799 Source advisory:...
GHSA-79QM-H35F-HR77 OS Command Injection in compile-sass
compile-sass prior to 1.0.5 allows execution of arbritary commands. The function "setupCleanupOnExitcssPath" within "dist/index.js" is executed as part of the "rm" command without any sanitization...
compile-sass Remote Code Execution Vulnerability
compile-sass is a module for compiling SASS and saving it to CSS files on-the-fly using node-sass. A security vulnerability exists in compile-sass versions prior to 1.0.5, which stems from the program failing to clean up the 'setupCleanupOnExit cssPath' function in the dist/index.js file before t...
CVE-2019-10799
compile-sass prior to 1.0.5 allows execution of arbritary commands. The function "setupCleanupOnExitcssPath" within "dist/index.js" is executed as part of the "rm" command without any sanitization...
CVE-2019-10799
compile-sass prior to 1.0.5 allows execution of arbritary commands. The function "setupCleanupOnExitcssPath" within "dist/index.js" is executed as part of the "rm" command without any sanitization...
Command injection
compile-sass prior to 1.0.5 allows execution of arbritary commands. The function "setupCleanupOnExitcssPath" within "dist/index.js" is executed as part of the "rm" command without any sanitization...
CVE-2019-10799
compile-sass prior to 1.0.5 allows execution of arbritary commands. The function "setupCleanupOnExitcssPath" within "dist/index.js" is executed as part of the "rm" command without any sanitization...
CVE-2019-10799
CVE-2019-10799 affects the compile-sass module prior to version 1.0.5. The root cause is a lack of sanitization in the function setupCleanupOnExit(cssPath) within dist/index.js, which is invoked as part of the rm command, enabling execution of arbitrary commands. The vulnerability allows potentia...
CVE-2016-10660
fis-parser-sass-bin a plugin for fis to compile sass using node-sass-binaries. fis-parser-sass-bin downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker...