Affecting shelljs package, ALL versions
shelljs is a portable Unix shell commands for Node.js.
Affected version of this package are vulnerable to Command Injection. It is possible to invoke commands from
shell.exec() from external sources, allowing an attacker to inject arbitrary commands.
There is no fix version for
Do your applications use this vulnerable package?
- Chris Corbyn
- Snyk ID
- 22 Jul, 2014
- 13 Feb, 2017