CVE-2019-10799

compile-sass prior to 1.0.5 allows execution of arbritary commands. The function "setupCleanupOnExit(cssPath)" within "dist/index.js" is executed as part of the "rm" command without any sanitization. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt