4 matches found
@142vip/egg (=0.0.1-alpha.1), @142vip/egg-axios (=0.0.1-alpha.1) +216 more potentially affected by CVE-2018-3786 via egg-scripts (>=1.2.0 <=2.6.0)
egg-scripts NPM version =1.2.0, =0.1.3-alpha.0, =0.1.0-alpha.0, =0.1.1-alpha.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =0.0.2, =0.0.2, =0.0.8, =1.0.1, =1.0.2 and more Source cves: CVE-2018-3786 Source advisory: OSV:GHSA-C9J3-WQPH-5XX9...
CVE-2018-3786
A command injection vulnerability in egg-scripts v2.8.1 allows arbitrary shell command execution through a maliciously crafted command line argument...
CVE-2018-3786
A command injection vulnerability in egg-scripts v2.8.1 allows arbitrary shell command execution through a maliciously crafted command line argument...
CVE-2018-3786
CVE-2018-3786 affects egg-scripts prior to 2.8.1. A crafted command line argument enables command injection, allowing arbitrary shell command execution. Impact, per sources, is remote code execution in affected setups; exploitability is via untrusted input passed to egg-scripts. Remediation: upgr...