Description
All versions of chrome-launcher allow execution of arbitrary commands, by controlling the $HOME environment variable in Linux operating systems.
Remediation
References
http://snyk.io/vuln/SNYK-JS-CHROMELAUNCHER-537575
Related Vulnerabilities
CVE-2014-0050 Vulnerability in maven package commons-fileupload:commons-fileupload
CVE-2020-28496 Vulnerability in maven package org.webjars.npm:three
CVE-2023-3691 Vulnerability in npm package layui
CVE-2022-23496 Vulnerability in maven package nl.basjes.parse.useragent:yauaa-snowflake
CVE-2022-24948 Vulnerability in maven package org.apache.jspwiki:jspwiki-main