4 matches found
EUVD-2021-0787
Malware in sbrugna...
@codinger/build-helper (=1.0.2-rc.1), @onepointfour-npm/pollyfiller (>=1.0.10 <=1.2.3) potentially affected by CVE-2019-10799 via compile-sass (=0.1.4)
compile-sass NPM version =0.1.4 is affected by a known vulnerability. The following packages have a transitive dependency on compile-sass and may be impacted: - @codinger/build-helper =1.0.2-rc.1 - @onepointfour-npm/pollyfiller =1.0.10, =1.2.3 Source cves: CVE-2019-10799 Source advisory:...
CVE-2019-10799
compile-sass prior to 1.0.5 allows execution of arbritary commands. The function "setupCleanupOnExitcssPath" within "dist/index.js" is executed as part of the "rm" command without any sanitization...
CVE-2019-10799
compile-sass prior to 1.0.5 allows execution of arbritary commands. The function "setupCleanupOnExitcssPath" within "dist/index.js" is executed as part of the "rm" command without any sanitization...