4 matches found
0latency (=0.0.0), 192.168.0.172 (=4.6.1) +3626 more potentially affected by CVE-2016-10541 via shell-quote (>=0.0.1 <=1.6.0)
shell-quote NPM version =0.0.1, =1.0.0, =0.0.2, =1.0.0, =1.4.0, =0.0.0, =1.1.0, =0.1.3, =0.1.33, =0.0.3, =0.2.9 and more Source cves: CVE-2016-10541 Source advisory: OSV:GHSA-QG8P-V9Q4-GH34...
CVE-2016-10541
creationtimestamp| type| source ---|---|--- 2019-02-18 23:58:29+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-qg8p-v9q4-gh34...
CVE-2016-10541
The npm module "shell-quote" 1.6.0 and earlier cannot correctly escape "" and "" operator used for redirection in shell. Applications that depend on shell-quote may also be vulnerable. A malicious user could perform code injection...
CVE-2016-10541
CVE-2016-10541 – shell-quote (npm) : The npm module shell-quote, version 1.6.0 and earlier, cannot correctly escape ">" and ", ;, {, } contribute to successful injection, underscoring the need for prompt update and reevaluation of input handling. Monitor for updates and apply the fixed release...