4 matches found
GHSA-8695-FR6H-9FQ8 Command Injection in nuance-gulp-build-common
All versions of package nuance-gulp-build-common are vulnerable to Command Injection via the index.js file. PoC: js var a = require"nuance-gulp-build-common" a.run"touch JHU"...
Command Injection in nuance-gulp-build-common
All versions of package nuance-gulp-build-common are vulnerable to Command Injection via the index.js file. PoC: js var a = require"nuance-gulp-build-common" a.run"touch JHU"...
Arbitrary Command Execution
nuance-gulp-build-common is vulnerable to arbitrary command execution. The run function allows an attacker to execute arbitrary commands on the host OS...
nuance-gulp-build-common OS Command Injection Vulnerability
nuance-gulp-build-common is a package for npm. nuance-gulp-build-common suffers from an operating system command injection vulnerability that stems from vulnerability to command injection via the index.js file...