CVE-2020-7635
CVE-2020-7635 affects the Node.js package compass-compile (through 0.0.1). The vulnerability arises from an unsanitized options argument in the library’s command construction, enabling Command Injection and the potential execution of arbitrary shell commands. Multiple connected sources corroborat...