Описание
Command injection in buns
There is a command injection vulnerability in all versions of package buns. The injection point is located in line 678 in index file lib/index.js in the exported function install(requestedModule).
Пакеты
Наименование
buns
npm
Затронутые версииВерсия исправления
<= 1.1.6
Отсутствует
Связанные уязвимости
CVSS3: 9.8
nvd
около 5 лет назад
This affects all versions of package buns. The injection point is located in line 678 in index file lib/index.js in the exported function install(requestedModule).