7 matches found
CVE-2020-7628
umount through 1.1.6 is vulnerable to Command Injection. The argument device can be controlled by users without any sanitization...
@pho-nomenal/5-minute-github-demo (>=6.0.3 <=21.5.1), eject-media (>=0.0.1 <=0.0.2) +2 more potentially affected by CVE-2020-7628 via umount (=1.1.6)
umount NPM version =1.1.6 is affected by a known vulnerability. The following packages have a transitive dependency on umount and may be impacted: - @pho-nomenal/5-minute-github-demo =6.0.3, =0.0.1, =0.1.1, =1.1.0, =1.1.4 Source cves: CVE-2020-7628 Source advisory: OSV:GHSA-6Q48-VJQ2-MWCJ...
CVE-2020-7628
umount through 1.1.6 is vulnerable to Command Injection. The argument device can be controlled by users without any sanitization...
CVE-2020-7628
umount through 1.1.6 is vulnerable to Command Injection. The argument device can be controlled by users without any sanitization...
CVE-2020-7628
The CVE-2020-7628 entry exposes a Command Injection flaw in the Node.js package umount up to version 1.1.6, where the user-supplied device argument is passed to an exec call without sanitization. Exploitation could allow an attacker to execute arbitrary code on the host. Public reports (Snyk advi...
CVE-2020-7628
umount through 1.1.6 is vulnerable to Command Injection. The argument device can be controlled by users without any sanitization...
@pho-nomenal/5-minute-github-demo (>=6.0.3 <=21.5.1), eject-media (>=0.0.1 <=0.0.2) +2 more potentially affected by CVE-2020-7628 via umount (=1.1.6)
umount NPM version =1.1.6 is affected by a known vulnerability. The following packages have a transitive dependency on umount and may be impacted: - @pho-nomenal/5-minute-github-demo =6.0.3, =0.0.1, =0.1.1, =1.1.0, =1.1.4 Source cves: CVE-2020-7628 Source advisory: SNYK:JS-UMOUNT-564265...