0.002 Low
EPSS
Percentile
59.0%
shescape is vulnerable to denial of service. The vulnerability is due to insecure regex in the escapeArgBash function of unix.js which allows an attacker to crash the application by providing a malicious user input.
escapeArgBash
unix.js
github.com/advisories/GHSA-cr84-xvw4-qx3c
github.com/ericcornelissen/shescape/blob/main/src/unix.js%23L52
github.com/ericcornelissen/shescape/commit/552e8eab56861720b1d4e5474fb65741643358f9
github.com/ericcornelissen/shescape/releases/tag/v1.6.1