compile-sass prior to 1.0.5 allows execution of arbritary commands. The function "setupCleanupOnExit(cssPath)" within "dist/index.js" is executed as part of the "rm" command without any sanitization.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| compile-sass(npm) | 0 | 1.0.5 | N/A |
CVSS Metrics
