PT-2022-9061 · Unknown · Node-Import

Published: 2022-07-25 · Updated: 2022-08-01 · CVE-2020-7678

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: node-import, all versions

Description: The issue affects the params argument of a module function. Users can control this argument, and it is not properly sanitized before being passed to the eval function on line 79 of the index.js file.

Recommendations: For all versions, consider restricting or sanitizing user input to the params argument to prevent exploitation until a proper fix is applied. As a temporary workaround, consider disabling the eval function call at line 79 of the index.js file to minimize the risk of exploitation.

Related Identifiers

CVE-2020-7678
GHSA-PC62-CQ5X-3J5G

Affected Products

Node-Import