Description

This affects all versions of package deferred-exec. The injection point is located in line 42 in lib/deferred-exec.js

Remediation

References

https://security.snyk.io/vuln/SNYK-JS-DEFERREDEXEC-1050433

Related Vulnerabilities

CVE-2022-29252 Vulnerability in maven package org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki

CVE-2022-41376 Vulnerability in npm package metro4

CVE-2020-10693 Vulnerability in maven package org.hibernate.validator:hibernate-validator

CVE-2023-38889 Vulnerability in maven package org.alluxio:alluxio-core

CVE-2020-28436 Vulnerability in npm package google-cloudstorage-commands

Severity

Critical

Classification

CWE-77 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Exploit Third Party Advisory