CVE-2020-7640

CVE-2020-7640

EPSS 2.1%

pixl-class prior to 1.0.3 allows execution of arbitrary commands. The members argument of the create function can be controlled by users without any sanitization.

Productos afectados

n/a · pixl-class

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://github.com/jhuckaby/pixl-class/commit/47677a3638e3583e42f3a05cc7f0b30293d2acc8%2C https://snyk.io/vuln/SNYK-JS-PIXLCLASS-564968