eiskalteschatten/compile-sass

Releases19

Frequency3 months 6 days

Last Release over 3 years ago

Stars4

A module to compile SASS on-the-fly and/or save it to CSS files using dart-sass for Node.js

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2019-10799 ↗	Feb 24, 2020Monday, 24 February 2020, 18:15	8.2 HIGH	8.5 HIGH
compile-sass prior to 1.0.5 allows execution of arbritary commands. The function "setupCleanupOnExit(cssPath)" within "dist/index.js" is executed as part of the "rm" command without any sanitization.