Lucene search
+L

13 matches found

redhatcve
redhatcve
added 2026/01/09 9:58 a.m.13 views

CVE-2020-7601

gulp-scss-lint through 1.0.0 allows execution of arbitrary commands. It is possible to inject arbitrary commands to the "exec" function located in "src/command.js" via the provided options...

9.8CVSS7.2AI score0.02644EPSS
Exploits1References1
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-1073

Malware in sbrugna...

9.8CVSS9.3AI score0.02644EPSS
Exploits1References3
nodejs
nodejs
added 2021/05/07 4:18 p.m.75 views

Injection in gulp-scss-lint

Overview gulp-scss-lint through 1.0.0 allows execution of arbitrary commands. It is possible to inject arbitrary commands to the "exec" function located in "src/command.js" via the provided options. Recommendation Avoid using gulp-scss-lint as there is no current safe version of this module...

7.5CVSS6.8AI score0.02644EPSS
Exploits1Affected Software1
vulnersosv
vulnersosv
added 2021/05/07 4:15 p.m.6 views

@absolunet/nwayo-workflow (>=3.2.0 <=3.3.6), @londondevstudio/gush (>=0.9.0 <=0.10.0) +53 more potentially affected by CVE-2020-7601 via gulp-scss-lint (>=0.1.12 <=1.0.0)

gulp-scss-lint NPM version =0.1.12, =3.2.0, =0.9.0, =1.0.0, =1.1.1, =0.0.27, =0.0.33, =1.0.34, =1.1.54 - fear-core-dev =1.3.2 and more Source cves: CVE-2020-7601 Source advisory: OSV:GHSA-G4HJ-R7R3-9RWV...

9.8CVSS7.2AI score0.02644EPSS
Exploits1
osv
osv
added 2021/05/07 4:15 p.m.14 views

GHSA-G4HJ-R7R3-9RWV OS Command Injection in gulp-scss-lint

gulp-scss-lint through 1.0.0 allows execution of arbitrary commands. It is possible to inject arbitrary commands to the "exec" function located in "src/command.js" via the provided options...

9.8CVSS6.2AI score0.02644EPSS
Exploits1References2
github
github
added 2021/05/07 4:15 p.m.69 views

OS Command Injection in gulp-scss-lint

gulp-scss-lint through 1.0.0 allows execution of arbitrary commands. It is possible to inject arbitrary commands to the "exec" function located in "src/command.js" via the provided options...

9.8CVSS9.2AI score0.02644EPSS
Exploits1References3Affected Software1
huntr
huntr
added 2020/09/02 12:0 a.m.78 views

Command Injection in juanfran/gulp-scss-lint

Overview gulp-scss-lint is a Lint for your .scss files, this package is vulnerable to Command Injection. It is possible to inject arbitrary commands to the exec function located in src/command.js via the provided options. Proof of Concept by JHU System Security Lab var root =...

7.5CVSS4.9AI score0.02644EPSS
Exploits1
bdu_fstec
bdu_fstec
added 2020/03/26 12:0 a.m.7 views

Vulnerability of the `exec` function in the gulp-scss-lint package from the NPM package manager, allowing attackers to execute arbitrary commands.

The vulnerability of the exec function in the src/command.js file of the gulp-scss-lint package exists because measures to eliminate special elements used in operating system commands have not been taken. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

10CVSS8.2AI score0.02644EPSS
Exploits1References5Affected Software1
cnvd
cnvd
added 2020/03/17 12:0 a.m.8 views

gulp-scss-lint injection vulnerability

gulp-scss-lint is a configurable package of code cleaning tools. A security vulnerability exists in gulp-scss-lint 1.0.0 and earlier versions. An attacker can exploit the vulnerability to inject and execute arbitrary commands...

9.8CVSS7.5AI score0.02644EPSS
Exploits1References1
nvd
nvd
added 2020/03/15 10:15 p.m.34 views

CVE-2020-7601

gulp-scss-lint through 1.0.0 allows execution of arbitrary commands. It is possible to inject arbitrary commands to the "exec" function located in "src/command.js" via the provided options...

9.8CVSS9.6AI score0.02644EPSS
Exploits1References1
osv
osv
added 2020/03/15 10:15 p.m.14 views

CVE-2020-7601

gulp-scss-lint through 1.0.0 allows execution of arbitrary commands. It is possible to inject arbitrary commands to the "exec" function located in "src/command.js" via the provided options...

9.8CVSS7.1AI score
Exploits0References1
prion
prion
added 2020/03/15 10:15 p.m.22 views

Code injection

gulp-scss-lint through 1.0.0 allows execution of arbitrary commands. It is possible to inject arbitrary commands to the "exec" function located in "src/command.js" via the provided options...

7.5CVSS9.5AI score0.02644EPSS
Exploits1References1Affected Software1
vulnersosv
vulnersosv
added 2020/03/13 9:26 a.m.9 views

@absolunet/nwayo-workflow (>=3.2.0 <=3.3.6), @londondevstudio/gush (>=0.9.0 <=0.10.0) +53 more potentially affected by CVE-2020-7601 via gulp-scss-lint (>=0.1.12 <=1.0.0)

gulp-scss-lint NPM version =0.1.12, =3.2.0, =0.9.0, =1.0.0, =1.1.1, =0.0.27, =0.0.33, =1.0.34, =1.1.54 - fear-core-dev =1.3.2 and more Source cves: CVE-2020-7601 Source advisory: SNYK:JS-GULPSCSSLINT-560114...

9.8CVSS7.2AI score0.02644EPSS
Exploits1
Rows per page
Query Builder