CVE-2020-7697
The CVE-2020-7697 entry concerns the npm package mock2easy, with a code injection vulnerability exposed via the _data variable in the command path that invokes a server-side curl wrapper. Technical details in connected items show the vulnerable call pattern: require('../server/getJsonByCurl')(moc...