WEB APPLICATION VULNERABILITIES SCA (Software Composition Analysis)

CVE-2020-7735 Vulnerability in npm package ng-packagr

Description

The package ng-packagr before 10.1.1 are vulnerable to Command Injection via the styleIncludePaths option.

Remediation

References

https://github.com/ng-packagr/ng-packagr/commit/bda0fff3443301f252930a73fdc8fb9502de596d

https://snyk.io/vuln/SNYK-JS-NGPACKAGR-1012427

Related Vulnerabilities

CVE-2023-46653 Vulnerability in maven package org.jenkins-ci.plugins:lambdatest-automation

CVE-2021-27290 Vulnerability in npm package ssri

CVE-2021-41246 Vulnerability in npm package express-openid-connect

CVE-2017-1000452 Vulnerability in npm package express-saml2

CVE-2022-21191 Vulnerability in npm package global-modules-path

Severity

Critical

Classification

CWE-78

Tags

Patch Third Party Advisory