VYPR

npm package

sync-exec

pkg:npm/sync-exec

Vulnerabilities (1)

  • CVE-2017-16024MedJun 4, 2018
    affected <= 0.6.2

    The sync-exec module is used to simulate child_process.execSync in node versions <0.11.9. Sync-exec uses tmp directories as a buffer before returning values. Other users on the server have read access to the tmp directory, possibly allowing an attacker on the server to obtain con