CVE-2020-7681 Vulnerability in npm package marscode

Description

This affects all versions of package marscode. There is no path sanitization in the path provided at fs.readFile in index.js.

Remediation

References

Related Vulnerabilities

Severity

High

Classification

CWE-22 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Exploit Third Party Advisory