Description
All versions of chrome-launcher allow execution of arbitrary commands, by controlling the $HOME environment variable in Linux operating systems.
Remediation
References
http://snyk.io/vuln/SNYK-JS-CHROMELAUNCHER-537575
Related Vulnerabilities
CVE-2022-1295 Vulnerability in maven package org.webjars.bower:fullpage.js
CVE-2022-1291 Vulnerability in maven package org.webjars.bower:tableexport.jquery.plugin
CVE-2020-10244 Vulnerability in maven package dev.paseto:jpaseto-sodium
CVE-2022-40955 Vulnerability in maven package org.apache.inlong:sort-connector-mysql-cdc
CVE-2021-43797 Vulnerability in maven package io.netty:netty-codec-http