Shescape is a simple shell escape library for JavaScript. Prior to 2.1.10, Shescape#escape() does not escape square-bracket glob syntax for Bash, BusyBox sh, and Dash. Applications that interpolate the return value directly into a shell command string can cause an attacker-controlled value like secret[12] to expand into multiple filesystem matches instead of a single literal argument, turning one argument into multiple trusted-pathname matches. This vulnerability is fixed in 2.1.10.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShescape Project Shescape
APPShescape Project< 2.1.10
Related vulnerabilities
Shescape is a simple shell escape package for JavaScript. Affected versions were found to have insufficient es...
Shescape is a simple shell escape package for JavaScript. Versions prior to 1.5.8 were found to be subject to ...
shescape is simple shell escape library for JavaScript. This may impact users that use Shescape on Windows in ...
The package shescape from 1.5.10 and before 1.6.1 are vulnerable to Regular Expression Denial of Service (ReDo...
Shescape is a shell escape package for JavaScript. An Inefficient Regular Expression Complexity vulnerability ...