Description
This affects all versions of package ts-process-promises. The injection point is located in line 45 in main entry of package in lib/process-promises.js. The vulnerability is demonstrated with the following PoC:
Remediation
References
https://snyk.io/vuln/SNYK-JS-TSPROCESSPROMISES-1048334
Related Vulnerabilities
CVE-2021-38294 Vulnerability in maven package org.apache.storm:storm-server
CVE-2023-37962 Vulnerability in maven package io.jenkins.plugins:benchmark-evaluator
CVE-2020-7693 Vulnerability in npm package sockjs
CVE-2018-3737 Vulnerability in maven package org.webjars.npm:sshpk
CVE-2022-45207 Vulnerability in maven package org.jeecgframework.boot:jeecg-module-system