Description
All versions of chrome-launcher allow execution of arbitrary commands, by controlling the $HOME environment variable in Linux operating systems.
Remediation
References
http://snyk.io/vuln/SNYK-JS-CHROMELAUNCHER-537575
Related Vulnerabilities
CVE-2020-28490 Vulnerability in npm package async-git
CVE-2023-48910 Vulnerability in maven package io.github.microcks:microcks
CVE-2023-48796 Vulnerability in maven package org.apache.dolphinscheduler:dolphinscheduler-master
CVE-2023-3224 Vulnerability in npm package nuxt
CVE-2023-38695 Vulnerability in npm package @simonsmith/cypress-image-snapshot