CVE-2020-7640

CVE-2020-7640

EPSS 2.1%

pixl-class prior to 1.0.3 allows execution of arbitrary commands. The members argument of the create function can be controlled by users without any sanitization.

Produtos afetados

n/a · pixl-class

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/jhuckaby/pixl-class/commit/47677a3638e3583e42f3a05cc7f0b30293d2acc8%2C https://snyk.io/vuln/SNYK-JS-PIXLCLASS-564968