Description
This affects all versions of package buns. The injection point is located in line 678 in index file lib/index.js in the exported function install(requestedModule).
Remediation
References
https://snyk.io/vuln/SNYK-JS-BUNS-1050389
Related Vulnerabilities
CVE-2020-2207 Vulnerability in maven package org.jenkins-ci.plugins:vncviewer
CVE-2019-10307 Vulnerability in maven package org.jvnet.hudson.plugins:analysis-core
CVE-2017-4963 Vulnerability in maven package org.cloudfoundry.identity:cloudfoundry-identity-server
CVE-2016-4436 Vulnerability in maven package org.apache.struts:struts2-core
CVE-2022-42466 Vulnerability in maven package org.apache.isis.viewer:isis-viewer-wicket-ui