In Nick Chan Bot before version 1.0.0-beta there is a vulnerability in the npm
command which is part of this software package. This allows arbitrary shell execution,which can compromise the bot This is patched in version 1.0.0-beta
CPE | Name | Operator | Version |
---|---|---|---|
nick_chan_bot | eq | 1.0.0 betapre9 | |
nick_chan_bot | eq | 1.0.0 betapre8 | |
nick_chan_bot | eq | 1.0.0 betapre7 | |
nick_chan_bot | eq | 1.0.0 betapre11 |