CVE: Common Vulnerabilities and Exposures

Required CVE Record Information

Description

compile-sass prior to 1.0.5 allows execution of arbritary commands. The function "setupCleanupOnExit(cssPath)" within "dist/index.js" is executed as part of the "rm" command without any sanitization.

Product Status

Learn more

Versions 1 Total

Default Status: unknown

affected

References 2 Total

https://github.com/eiskalteschatten/compile-sass/commit/d9ada7797ff93875b6466dea7a78768e90a0f8d2
external site
https://snyk.io/vuln/SNYK-JS-COMPILESASS-551804
external site

Updated: 2024-08-04

This container includes required additional information provided by the CVE Program for this vulnerability.

References 2 Total

https://github.com/eiskalteschatten/compile-sass/commit/d9ada7797ff93875b6466dea7a78768e90a0f8d2
external site
x_transferred
https://snyk.io/vuln/SNYK-JS-COMPILESASS-551804
external site
x_transferred

Common vulnerabilities and Exposures (CVE)

Required CVE Record Information

CNA: Snyk

Description

Product Status

References 2 Total

CVE Program

References 2 Total