CVE-2020-7627

The CVE refers to the npm module node-key-sender (versions up to 1.0.11 and earlier). The root cause is a Command Injection in the function that uses the arrParams argument of the execute() method, allowing execution of arbitrary commands. Multiple connected sources (Red Hat, Snyk, Veracode, CNVD...