safeguards-io/safeguards:package.json

Safeguard is a tool for validaitng the safety and security of your infrastructure before it is provisioned.
Vulnerabilities 1 via 1 paths
Dependencies 406
Source GitHub
Commit 8e1fcc37

Find, fix and prevent vulnerabilities in your code.

Severity
  • 1
Status
  • 1
  • 0
  • 0
high severity

Command Injection

  • Vulnerable module: shelljs
  • Introduced through: oclif@1.13.4

Detailed paths

  • Introduced through: @safeguards/safeguards@safeguards-io/safeguards#8e1fcc37ee5b00fd2ad1691c53623e8c93fdd42e oclif@1.13.4 yeoman-generator@3.2.0 shelljs@0.8.3

Overview

shelljs is a portable Unix shell commands for Node.js.

Affected version of this package are vulnerable to Command Injection. It is possible to invoke commands from shell.exec() from external sources, allowing an attacker to inject arbitrary commands.

Remediation

There is no fix version for shelljs.

References