2 matches found
CVE-2020-7626
karma-mojo through 1.0.1 is vulnerable to Command Injection. It allows execution of arbitrary commands via the config argument...
CVE-2020-7626
CVE-2020-7626 affects the npm package karma-mojo up to version 1.0.1. The vulnerability is a Command Injection due to unsanitized input in the config argument, allowing an attacker to execute arbitrary commands. Multiple connected sources corroborate the issue and identify the impact as arbitrary...