Description
All versions of chrome-launcher allow execution of arbitrary commands, by controlling the $HOME environment variable in Linux operating systems.
Remediation
References
http://snyk.io/vuln/SNYK-JS-CHROMELAUNCHER-537575
Related Vulnerabilities
CVE-2023-29207 Vulnerability in maven package org.xwiki.platform:xwiki-platform-web-templates
CVE-2020-7754 Vulnerability in maven package org.webjars.npm:npm-user-validate
CVE-2022-25860 Vulnerability in maven package org.webjars.npm:simple-git
CVE-2020-7716 Vulnerability in npm package deeps
CVE-2021-23463 Vulnerability in maven package com.h2database:h2