4 matches found
CVE-2020-7640
pixl-class prior to 1.0.3 allows execution of arbitrary commands. The members argument of the create function can be controlled by users without any sanitization...
CVE-2020-7640
pixl-class prior to 1.0.3 allows execution of arbitrary commands. The members argument of the create function can be controlled by users without any sanitization...
CVE-2020-7640
pixl-class prior to 1.0.3 allows execution of arbitrary commands. The members argument of the create function can be controlled by users without any sanitization...
CVE-2020-7640
CVE-2020-7640 describes an OS command injection in pixl-class prior to version 1.0.3. The vulnerability arises because the members parameter of the create function is not sanitized, allowing an attacker to execute arbitrary commands. Affected: pixl-class (Node.js module) before 1.0.3. Impact per ...