Количество 2
Количество 2
CVE-2021-21384
shescape is a simple shell escape package for JavaScript. In shescape before version 1.1.3, anyone using _Shescape_ to defend against shell injection may still be vulnerable against shell injection if the attacker manages to insert a into the payload. For an example see the referenced GitHub Security Advisory. The problem has been patched in version 1.1.3. No further changes are required.
GHSA-f2rp-38vg-j3gh
Null characters not escaped
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-21384 shescape is a simple shell escape package for JavaScript. In shescape before version 1.1.3, anyone using _Shescape_ to defend against shell injection may still be vulnerable against shell injection if the attacker manages to insert a into the payload. For an example see the referenced GitHub Security Advisory. The problem has been patched in version 1.1.3. No further changes are required. | CVSS3: 6.3 | 0% Низкий | почти 5 лет назад |
| GHSA-f2rp-38vg-j3gh Null characters not escaped | CVSS3: 6.3 | 0% Низкий | почти 5 лет назад |
Уязвимостей на страницу