Snyk "high security #765

Unitech · 2017-08-26T07:19:05Z

Node version (or tell us if you're using electron or some other framework):

ShellJS version (the most recent version/Github branch you see the bug on):

Operating system:

Description of the bug:

Example ShellJS command to reproduce the error:

freitagbr · 2017-08-26T21:35:08Z

No change to logic. This adds documentation about `shell.exec()`'s inherent vulnerability to command injection and links to a more detailed security notice. Issue #103, #143, #495, #765, #766, #810, #842, #938, #945

freitagbr closed this as completed Aug 26, 2017

dependabot-preview bot mentioned this issue Mar 19, 2018

Update shelljs requirement to 0.8.x randallcara/vso-agent#5

Closed

nfischer added security exec Issues specific to the shell.exec() API labels Jun 26, 2019

nfischer mentioned this issue Jun 26, 2019

docs(exec): document security concerns #950

Merged

shelljs locked as resolved and limited conversation to collaborators Jul 1, 2019

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Snyk "high security #765

Snyk "high security #765

Unitech commented Aug 26, 2017

freitagbr commented Aug 26, 2017

Snyk "high security #765

Snyk "high security #765

Comments

Unitech commented Aug 26, 2017

Node version (or tell us if you're using electron or some other framework):

ShellJS version (the most recent version/Github branch you see the bug on):

Operating system:

Description of the bug:

Example ShellJS command to reproduce the error:

freitagbr commented Aug 26, 2017