CVE-2020-7635
N/A
N/A
Summary
compass-compile through 0.0.1 is vulnerable to Command Injection.It allows execution of arbitrary commands via tha options argument.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | compass-compile | All versions including 0.0.1 | affected |
Weaknesses
- Command Injection
ADP Enrichment
CVE Program Container
Additional References
- https://snyk.io/vuln/SNYK-JS-COMPASSCOMPILE-564429
- https://github.com/quaertym/compass-compile/blob/master/lib/compass.js#L25
References
- https://snyk.io/vuln/SNYK-JS-COMPASSCOMPILE-564429
- https://github.com/quaertym/compass-compile/blob/master/lib/compass.js#L25
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.