CVE-2020-7640

CVE-2020-7640

EPSS 2.1%

pixl-class prior to 1.0.3 allows execution of arbitrary commands. The members argument of the create function can be controlled by users without any sanitization.

Affected products

n/a · pixl-class

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/jhuckaby/pixl-class/commit/47677a3638e3583e42f3a05cc7f0b30293d2acc8%2C https://snyk.io/vuln/SNYK-JS-PIXLCLASS-564968