CVE-2020-7789

Summary

This affects the package node-notifier before 9.0.0. It allows an attacker to run arbitrary commands on Linux machines due to the options params not being sanitised when being passed an array.

Affected Software

VendorProductVersion RangeStatus
n/anode-notifierunspecified < 9.0.0affected

Weaknesses

  • Command Injection

ADP Enrichment

CVE Program Container

Additional References

References