CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Compile-Sass Project: >> Compile-Sass >> 1.0.4 Security Vulnerabilities

CVE-2019-10799

compile-sass prior to 1.0.5 allows execution of arbritary commands. The function "setupCleanupOnExit(cssPath)" within "dist/index.js" is executed as part of the "rm" command without any sanitization.

CVSS Score

8.2

EPSS Score

0.004

Published

2020-02-24

Page 1

Vulnerabilities

Vulnerable Software

Compile-Sass Project: >> Compile-Sass >> 1.0.4 Security Vulnerabilities

Products

Pricing

Contact Us