Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:29759
HistoryMar 19, 2021 - 1:49 a.m.

OS Command Injection

2021-03-1901:49:00
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
shescape
os command injection
escapeshellarg
null characters
arbitrary commands

EPSS

0.001

Percentile

34.7%

JSON

shescape is vulnerable to OS command injection. The function escapeShellArg does not strip null characters from user-provided input, causing errors and potentially execute arbitrary commands.

Related

osv 2
cvelist 1
nodejs 1
cve 1
prion 1
github 1
nvd 1
osv
osv
CVE-2021-21384
2021-03-19 00:15:11
Null characters not escaped
2021-03-18 23:47:56
cvelist
cvelist
CVE-2021-21384 Null characters not escaped in shescape
2021-03-18 23:50:13
nodejs
nodejs
Command Injection
2021-03-18 23:52:36
cve
cve
CVE-2021-21384
2021-03-19 00:15:11
prion
prion
Sql injection
2021-03-19 00:15:00
github
github
Null characters not escaped
2021-03-18 23:47:56
nvd
nvd
CVE-2021-21384
2021-03-19 00:15:11

EPSS

0.001

Percentile

34.7%

JSON
Related for VERACODE:29759
osv2cvelist1nodejs1cve1prion1github1nvd1