CVE-2022-31180

Shescape is a simple shell escape package for JavaScript. Affected versions were found to have insufficient escaping of white space when interpolating output. This issue only impacts users that use the escape or escapeAll functions with the interpolation option set to true. The result is that if ...

Input validation

Shescape is a simple shell escape package for JavaScript. Affected versions were found to have insufficient escaping of white space when interpolating output. This issue only impacts users that use the escape or escapeAll functions with the interpolation option set to true. The result is that if ...

PT-2022-20592 · Microsoft +1 · Powershell +2

Name of the Vulnerable Software and Affected Versions: Shescape versions prior to 1.5.8 Description: The issue impacts users of the escape or escapeAll functions with the interpolation option set to true. If an attacker can include whitespace in their input, they can invoke shell-specific behavio...

Path Traversal

shescape is vulnerable to path traversal. When the interpolation option is set, an attacker can access files outside the expected directory by using bash with the escape or escapeAll functions in the shescape API...