6 matches found
CVE-2022-31179
Shescape is a simple shell escape package for JavaScript. Versions prior to 1.5.8 were found to be subject to code injection on windows. This impacts users that use Shescape any API function to escape arguments for cmd.exe on Windows An attacker can omit all arguments following their input by...
CVE-2022-31179
Shescape is a simple shell escape package for JavaScript. Versions prior to 1.5.8 were found to be subject to code injection on windows. This impacts users that use Shescape any API function to escape arguments for cmd.exe on Windows An attacker can omit all arguments following their input by...
CVE-2022-31179 Insufficient escaping of line feeds for CMD in shescape
Shescape is a simple shell escape package for JavaScript. Versions prior to 1.5.8 were found to be subject to code injection on windows. This impacts users that use Shescape any API function to escape arguments for cmd.exe on Windows An attacker can omit all arguments following their input by...
CVE-2022-31179 Insufficient escaping of line feeds for CMD in shescape
Shescape is a simple shell escape package for JavaScript. Versions prior to 1.5.8 were found to be subject to code injection on windows. This impacts users that use Shescape any API function to escape arguments for cmd.exe on Windows An attacker can omit all arguments following their input by...
CVE-2022-31179
CVE-2022-31179 relates to the Shescape JavaScript package. Versions prior to 1.5.8 are vulnerable to code injection on Windows when escaping arguments for cmd.exe; an attacker can omit subsequent arguments by injecting a line feed ('\n') into the payload. The issue is fixed in v1.5.8, so upgradin...
CVE-2022-31179 Insufficient escaping of line feeds for CMD in shescape
Shescape is a simple shell escape package for JavaScript. Versions prior to 1.5.8 were found to be subject to code injection on windows. This impacts users that use Shescape any API function to escape arguments for cmd.exe on Windows An attacker can omit all arguments following their input by...