Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:42 a.m.10 views

CVE-2022-31179

Shescape is a simple shell escape package for JavaScript. Versions prior to 1.5.8 were found to be subject to code injection on windows. This impacts users that use Shescape any API function to escape arguments for cmd.exe on Windows An attacker can omit all arguments following their input by...

9.8CVSS7.1AI score0.011EPSS
Exploits1References1
NVD
NVD
added 2022/08/01 8:15 p.m.28 views

CVE-2022-31179

Shescape is a simple shell escape package for JavaScript. Versions prior to 1.5.8 were found to be subject to code injection on windows. This impacts users that use Shescape any API function to escape arguments for cmd.exe on Windows An attacker can omit all arguments following their input by...

9.8CVSS0.011EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/08/01 7:20 p.m.45 views

CVE-2022-31179 Insufficient escaping of line feeds for CMD in shescape

Shescape is a simple shell escape package for JavaScript. Versions prior to 1.5.8 were found to be subject to code injection on windows. This impacts users that use Shescape any API function to escape arguments for cmd.exe on Windows An attacker can omit all arguments following their input by...

8.1CVSS10AI score0.011EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2022/08/01 7:20 p.m.7 views

CVE-2022-31179 Insufficient escaping of line feeds for CMD in shescape

Shescape is a simple shell escape package for JavaScript. Versions prior to 1.5.8 were found to be subject to code injection on windows. This impacts users that use Shescape any API function to escape arguments for cmd.exe on Windows An attacker can omit all arguments following their input by...

8.1CVSS9.9AI score0.011EPSS
Exploits1References3
CVE
CVE
added 2022/08/01 7:20 p.m.470 views

CVE-2022-31179

CVE-2022-31179 relates to the Shescape JavaScript package. Versions prior to 1.5.8 are vulnerable to code injection on Windows when escaping arguments for cmd.exe; an attacker can omit subsequent arguments by injecting a line feed ('\n') into the payload. The issue is fixed in v1.5.8, so upgradin...

9.8CVSS9.2AI score0.011EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2022/08/01 7:20 p.m.20 views

CVE-2022-31179 Insufficient escaping of line feeds for CMD in shescape

Shescape is a simple shell escape package for JavaScript. Versions prior to 1.5.8 were found to be subject to code injection on windows. This impacts users that use Shescape any API function to escape arguments for cmd.exe on Windows An attacker can omit all arguments following their input by...

8.1CVSS9.3AI score0.011EPSS
Exploits1References5
Rows per page
Query Builder