Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:shescape:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorN/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78)
ProductShescape (6e6ed096-0088-5926-8d82-ca812f1919a7)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2022-25918 vulnerable 2026-06-08 05:41:49.711573 Regular Expression Denial of Service (ReDoS)
MEDIUM (5.3)
The package shescape from 1.5.10 and before 1.6.1 are vulnerable to Regular Expression Denial of Service (ReDoS) via the escape function in index.js, due to the usage of insecure regex in the escapeArgBash function.
Published: 2022-10-27T05:05:09.944Z
Updated: 2025-05-05T18:24:44.572Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.