Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
npm shescape Security Advisories
Browse all Security Advisories for npm shescape
Loading...
High
Ecosystems: npm
Packages: shescape
Source: GitHub Advisory Database
Blast Radius: 12.4
Published: over 1 year ago
GSA_kwCzR0hTQS1qNTVyLTc4N3AtbTU0Oc4AA1aq
Shescape on Windows escaping may be bypassed in threaded contextEcosystems: npm
Packages: shescape
Source: GitHub Advisory Database
Blast Radius: 12.4
Published: over 1 year ago
Low
Ecosystems: npm
Packages: shescape
Source: GitHub Advisory Database
Blast Radius: 4.5
Published: over 1 year ago
GSA_kwCzR0hTQS0zZzdwLThxaHgtbWM4cs4AAz_2
Shescape potential environment variable exposure on Windows with CMDEcosystems: npm
Packages: shescape
Source: GitHub Advisory Database
Blast Radius: 4.5
Published: over 1 year ago
High
Ecosystems: npm
Packages: shescape
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: about 2 years ago
GSA_kwCzR0hTQS1jcjg0LXh2dzQtcXgzY84AAvio
Inefficient Regular Expression Complexity in shescapeEcosystems: npm
Packages: shescape
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: about 2 years ago
Critical
Ecosystems: npm
Packages: shescape
Source: GitHub Advisory Database
Blast Radius: 14.2
Published: over 2 years ago
GSA_kwCzR0hTQS00NHZyLXJ3d2otcDg4aM4AAtaE
Shescape vulnerable to insufficient escaping of whitespaceEcosystems: npm
Packages: shescape
Source: GitHub Advisory Database
Blast Radius: 14.2
Published: over 2 years ago
High
Ecosystems: npm
Packages: shescape
Source: GitHub Advisory Database
Blast Radius: 11.7
Published: over 2 years ago
GSA_kwCzR0hTQS1qamM1LWZwN3AtNmY4d84AAtaD
Shescape prior to 1.5.8 vulnerable to insufficient escaping of line feeds for CMDEcosystems: npm
Packages: shescape
Source: GitHub Advisory Database
Blast Radius: 11.7
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: shescape
Source: GitHub Advisory Database
Blast Radius: 8.0
Published: almost 3 years ago
GSA_kwCzR0hTQS00NDZ3LXJybTQtcjQ3Zs0v7w
Exposure of home directory through shescape on Unix with BashEcosystems: npm
Packages: shescape
Source: GitHub Advisory Database
Blast Radius: 8.0
Published: almost 3 years ago
High
Ecosystems: npm
Packages: shescape
Source: GitHub Advisory Database
Blast Radius: 9.1
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWYycnAtMzh2Zy1qM2do
Null characters not escapedEcosystems: npm
Packages: shescape
Source: GitHub Advisory Database
Blast Radius: 9.1
Published: almost 4 years ago
Statistics
Advisories: 21,126
Packages: 9,213
Repositories: 1
Ecosystems: 12
Packages: 9,213
Repositories: 1
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
parse-server
31
directus
28
electron
26
@openzeppelin/contracts-upgradeable
21
@openzeppelin/contracts
20
next
20
tinymce
16
sequelize
16
ckeditor4
15
ghost
15
undici
14
swagger-ui
14
joplin
14
strapi
13
angular
13
vm2
12
nodebb
12
TinyMCE
11
flowise
11
handlebars
11
bootstrap
11
tinymce/tinymce
11
matrix-js-sdk
11
marked
11
nocodb
10
next-auth
9
@evershop/evershop
9
systeminformation
9
bootstrap
9
serve
9
twbs/bootstrap
9
@strapi/strapi
9
matrix-react-sdk
9
bootstrap
9
org.webjars:bootstrap
9
editor.md
8
validator
8
jquery-rails
8
url-parse
8
org.webjars.npm:jquery
8
jquery
8
uptime-kuma
8
express-cart
8
jsrsasign
8
vite
8
npm
8
steal
8
tar
8
urijs
8
node-forge
8
matrix-appservice-irc
8
mongoose
7
shescape
7
jQuery
7
sanitize-html
7
jquery-ui-rails
7
jQuery.UI.Combined
7
org.webjars.npm:jquery-ui
7
jquery-ui
7
elliptic
7
total.js
7
bootstrap-sass
7
bootstrap.sass
7
snyk-broker
7
lodash
7
hapi
7
dompurify
7
hermes-engine
7
@strapi/plugin-users-permissions
6
aaptjs
6
parse-url
6
safe-eval
6
rsshub
6
bootstrap-sass
6
mermaid
5
katex
5
yarn
5
sweetalert2
5
openpgp
5
xlsx
5
prismjs
5
lodash-es
5
@saltcorn/server
5
public
5
mysql2
5
keystone
5
ejs
5
@lobehub/chat
5
rendertron
5
vditor
5
axios
5
ws
5
ua-parser-js
5
total4
5
@sveltejs/kit
5
mattermost-desktop
5
dojo
5
express
5
vega
4
muhammara
4
fastify
4
hummus
4
auth0-lock
4
engine.io
4
@directus/api
4
remarkable
4
simple-git
4
jsonwebtoken
4
qs
4
@backstage/plugin-scaffolder-backend
4
realms-shim
4
hono
4
ecstatic
4
generator-jhipster
4
@keystone-6/core
4
convert-svg-core
4
aws-iot-device-sdk-v2
4
awsiotsdk
4
glance
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
lunary
4
meshcentral
4
apollo-server-core
4
follow-redirects
4
trix
4
mongo-express
4
safer-eval
4
apostrophe
4
auth0-js
4
materialize-css
4
moment
4
simple-markdown
4
valine
4
fast-xml-parser
4
ftp-srv
3
apollo-server
3
immer
3
send
3
@janhq/core
3
@vrite/sdk
3
node-fetch
3
angular-expressions
3
code-server
3
ag-grid-community
3
django-tinymce
3
@frangoteam/fuxa
3
@materializecss/materialize
3
pnpm
3
passport-wsfed-saml2
3
slpjs
3
mxgraph
3
buttle
3
connect
3
jquery-validation
3
object-path
3
node-opcua
3
braces
3
m-server
3
@commercial/subtext
3
mysql
3
jose-node-cjs-runtime
3
jose-node-esm-runtime
3
@cubejs-backend/api-gateway
3
layui
3
@builder.io/qwik
3
@soketi/soketi
3
xmldom
3
node-ipc
3
jointjs
3
blamer
3
renovate
3
dset
3
socket.io-parser
3
mixme
3
js-yaml
3
agnai
3
fuxa-server
3
bson
3
http-live-simulator
3
org.webjars.npm:xlsx
3
serialize-to-js
3
node-jose
3
@uppy/companion
3
grunt
3
postcss
3
loader-utils
3
llhttp
3
json-pointer
3
wrangler
3
browserify-shim
3
json-ptr
3
stimulsoft-dashboards-js
3
@hapi/subtext
3
subtext
3
parsel
3
astro
3
socket.io-file
3
nodemailer
3
raneto
3
uap-core
3
Filter by Repository