Description
This affects all versions of package buns. The injection point is located in line 678 in index file lib/index.js in the exported function install(requestedModule).
Remediation
References
https://snyk.io/vuln/SNYK-JS-BUNS-1050389
Related Vulnerabilities
CVE-2019-8331 Vulnerability in maven package org.webjars.bowergithub.jasny:bootstrap
CVE-2021-21122 Vulnerability in maven package org.webjars.npm:electron
CVE-2019-10466 Vulnerability in maven package org.jenkins-ci.plugins.plugin:fireline
CVE-2020-6429 Vulnerability in maven package org.webjars.npm:electron
CVE-2022-36915 Vulnerability in maven package org.jenkins-ci.plugins:android-signing