6 matches found
CVE-2020-7629
install-package through 0.4.0 is vulnerable to Command Injection. It allows execution of arbitrary commands via the options argument...
compare-eslint-config (>=0.1.0 <=0.1.1) potentially affected by CVE-2020-7629 via install-package (=0.1.0)
install-package NPM version =0.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on install-package and may be impacted: - compare-eslint-config =0.1.0, =0.1.1 Source cves: CVE-2020-7629 Source advisory: OSV:GHSA-6M4R-M3GC-H4R5...
CVE-2020-7629
install-package through 0.4.0 is vulnerable to Command Injection. It allows execution of arbitrary commands via the options argument...
CVE-2020-7629
install-package through 0.4.0 is vulnerable to Command Injection. It allows execution of arbitrary commands via the options argument...
CVE-2020-7629
CVE-2020-7629 affects install-package up to version 0.4.0 and is a Command Injection vulnerability that allows execution of arbitrary commands via the options argument. The issue is documented across multiple sources (NVD/Red Hat/OSV/GHSA/Snyk) with severity ranging from High to Critical (CVSS v3...
compare-eslint-config (>=0.1.0 <=0.1.1) potentially affected by CVE-2020-7629 via install-package (=0.1.0)
install-package NPM version =0.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on install-package and may be impacted: - compare-eslint-config =0.1.0, =0.1.1 Source cves: CVE-2020-7629 Source advisory: SNYK:JS-INSTALLPACKAGE-564267...