You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Package: node-notifier
Version: 5.0.2
Description: A Node.js module for sending notifications on native Mac, Windows (post and pre 8) and Linux (or Growl as fallback)
This affects the package node-notifier before 9.0.0. It allows an attacker to run arbitrary commands on Linux machines due to the options params not being sanitised when being passed an array. Sonatype's research suggests that this CVE's details differ from those defined at NVD.
Package: node-notifier
Version: 5.0.2
Description: A Node.js module for sending notifications on native Mac, Windows (post and pre 8) and Linux (or Growl as fallback)
This affects the package node-notifier before 9.0.0. It allows an attacker to run arbitrary commands on Linux machines due to the options params not being sanitised when being passed an array. Sonatype's research suggests that this CVE's details differ from those defined at NVD.
CVSS Score: 5.6
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
The text was updated successfully, but these errors were encountered: