Command Injection The advisory has been revoked - it doesn't affect any version of package shelljs (opens in a new tab)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk IDnpm:shelljs:20140723
- published13 Feb 2017
- disclosed22 Jul 2014
- creditChris Corbyn
Introduced: 22 Jul 2014
CVE NOT AVAILABLE CWE-77 (opens in a new tab)Common Weakness Enumeration (CWE) is a category system for software weaknesses
Overview
After discussions with the maintainer, and added safety warnings to the package for users- this was deemed not a vulnerability.