cvelist GitHub_M CVELIST:CVE-2023-40185
History: Aug 23, 2023 - 8:20 p.m.

CVE-2023-40185 Shescape on Windows escaping may be bypassed in threaded context

2023-08-23 20:20:45
CWE-150
GitHub_M
www.cve.org
2
cve-2023-40185
shescape
windows
threaded context
vulnerability
javascript
shell escape
patch

CVSS3: 6.5
Attack Vector: NETWORK
Attack Complexity: HIGH
Privileges Required: NONE
User Interaction: NONE
Scope: CHANGED
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: LOW
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L

AI Score: 8.8
Confidence: High

EPSS: 0.001
Percentile: 41.7%

Shescape is a simple shell escape library for JavaScript. This vulnerability may impact users that use Shescape on Windows in a threaded context. It can result in Shescape escaping (or quoting) for the wrong shell, thus allowing attackers to bypass protections depending on the combination of expected and used shell. This bug has been patched in version 1.7.4.

CNA Affected

[
  {
    "vendor": "ericcornelissen",
    "product": "shescape",
    "versions": [
      {
        "version": "< 1.7.4",
        "status": "affected"
      }
    ]
  }
]
