Description
This affects all versions of package ts-process-promises. The injection point is located in line 45 in main entry of package in lib/process-promises.js. The vulnerability is demonstrated with the following PoC:
Remediation
References
https://snyk.io/vuln/SNYK-JS-TSPROCESSPROMISES-1048334
Related Vulnerabilities
CVE-2019-1010266 Vulnerability in maven package org.webjars.bower:lodash
CVE-2020-7639 Vulnerability in npm package eivindfjeldstad-dot
CVE-2020-28267 Vulnerability in npm package @strikeentco/set
CVE-2020-36376 Vulnerability in npm package aaptjs
CVE-2023-34610 Vulnerability in maven package com.cedarsoftware:json-io