Filtered by vendor Node-import Project Subscriptions
Filtered by product Node-import Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-7678 1 Node-import Project 1 Node-import 2024-11-21 8.6 High
This affects all versions of package node-import. The "params" argument of module function can be controlled by users without any sanitization.b. This is then provided to the “eval” function located in line 79 in the index file "index.js".