CVE-2023-40185: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

August 23, 2023 (updated September 1, 2023)

Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) in shescape.

References

github.com/advisories/GHSA-j55r-787p-m549
github.com/ericcornelissen/shescape/commit/0b976dab645abf45ffd85e74a8c6e51ee2f42d63
github.com/ericcornelissen/shescape/pull/1142
github.com/ericcornelissen/shescape/releases/tag/v1.7.4
github.com/ericcornelissen/shescape/security/advisories/GHSA-j55r-787p-m549

Detect and mitigate CVE-2023-40185 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →