Improper Privilege Management in shelljs

Description

shelljs is vulnerable to Improper Privilege Management

Recommendation

Update the shelljs package to the latest compatible version. Followings are version details:

• Affected version(s): < 0.8.5
• Patched version(s): 0.8.5

References

• GHSA-4rq4-32rv-6wp6
• huntr.dev
• CVE-2022-0144
• CWE-269
• CAPEC-310
• OWASP 2021-A4
• OWASP 2021-A6

Related Issues

• Improper Privilege Management in shelljs (GHSA-64g7-mvw6-v9qj) - Vulnerability
• Improper Verification of Cryptographic Signature in `node-forge` (GHSA-2r2c-g63r-vccr) - CVE-2022-24773
• Improper handling of multiline messages in node-irc affects matrix-appservice-irc - CVE-2022-29166
• Improper Removal of Sensitive Information Before Storage or Transfer in Strapi (GHSA-f6fm-r26q-p747) - CVE-2022-30617

Tags:

npm

shelljs