Description
All versions of chrome-launcher allow execution of arbitrary commands, by controlling the $HOME environment variable in Linux operating systems.
Remediation
References
http://snyk.io/vuln/SNYK-JS-CHROMELAUNCHER-537575
Related Vulnerabilities
CVE-2020-28422 Vulnerability in npm package git-archive
CVE-2020-7760 Vulnerability in maven package org.apache.marmotta.webjars:codemirror
CVE-2022-39299 Vulnerability in npm package @node-saml/node-saml
CVE-2021-32623 Vulnerability in maven package org.opencastproject:opencast-kernel
CVE-2022-2932 Vulnerability in maven package org.webjars.npm:mobiledoc-kit