EPSS
Percentile
59.3%
shescape is vulnerable to carriage return line feed (CRLF) injection. User provided data for Powershell and cmd.exe on Windows systems are not escaped sufficiently, allowing an attacker to input a line feed character (‘\n’).
github.com/advisories/GHSA-jjc5-fp7p-6f8w
github.com/ericcornelissen/shescape/pull/332
github.com/ericcornelissen/shescape/releases/tag/v1.5.8
github.com/ericcornelissen/shescape/security/advisories/GHSA-jjc5-fp7p-6f8w