Description
All versions of chrome-launcher allow execution of arbitrary commands, by controlling the $HOME environment variable in Linux operating systems.
Remediation
References
http://snyk.io/vuln/SNYK-JS-CHROMELAUNCHER-537575
Related Vulnerabilities
CVE-2022-34169 Vulnerability in maven package xalan:xalan
CVE-2020-28469 Vulnerability in maven package org.webjars.npm:glob-parent
CVE-2022-23461 Vulnerability in npm package jodit
CVE-2022-23620 Vulnerability in maven package org.xwiki.platform:xwiki-platform-skin-skinx
CVE-2021-42697 Vulnerability in maven package com.typesafe.akka:akka-http-core