Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Security vulnerability in shelljs

See original GitHub issue

https://github.com/shelljs/shelljs/issues/945

shelljs is a dependency of @angular/compiler-cli

It does not look like there’s a patch for this yet.

Issue Analytics

State:
Created 4 years ago
Reactions:2
Comments:8 (2 by maintainers)

Top GitHub Comments

2reactions

gkalpakcommented, Jun 24, 2019

Duplicate of #29460.

tl;dr We are not using .exec(), so we are not affected 🤷‍♂

2reactions

limontecommented, Jun 24, 2019

404

This is strange. Looks like security issues aren’t public, which doesn’t make much sense to me. Anyway, here’s the screenshot:

Top Results From Across the Web

shelljs - Snyk Vulnerability Database

version published direct vulnerabilities 0.8.5 6 Jan, 2022 0. C. 0. H. 0. M. 0. L 0.8.4 24 Apr, 2020 0. C. 1. H. 0....

0.8.3 high severity vuln · Issue #945 · shelljs/shelljs - GitHub

From what I understand, library itself isn't vulnerable, it is the usage of the library that has the potential*. I've reached out to...

Shelljs Project Shelljs : List of security vulnerabilities - CVE Details

Security vulnerabilities of Shelljs Project Shelljs : List of all related CVE security vulnerabilities. CVSS Scores, vulnerability details and links to full ...

Vulnerabilities in ShellJS software - CyberSecurity Help

List of known vulnerabilities in ShellJS software.

Vulnerabilities found in the JavaScript - shelljs library - Veracode

shelljs Vulnerability Data ... Learn more about our SCA solution. Schedule a Demo. Verified Security Data. The most accurate and complete database of...