Description
An unintended require vulnerability in script-manager npm package version 0.8.6 and earlier may allow attackers to execute arbitrary code.
Remediation
References
https://hackerone.com/reports/660563
Related Vulnerabilities
CVE-2020-36184 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind
CVE-2019-5479 Vulnerability in npm package larvitbase-api
CVE-2022-24999 Vulnerability in npm package qs
CVE-2021-22096 Vulnerability in maven package org.springframework:spring-webflux
CVE-2023-24057 Vulnerability in maven package ca.uhn.hapi.fhir:org.hl7.fhir.convertors