CVE-2016-10541

Published: 2018-05-31T20:29Z

Last Modified: 2024-11-21T02:44Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

The npm module "shell-quote" 1.6.0 and earlier cannot correctly escape ">" and "<" operator used for redirection in shell. Applications that depend on shell-quote may also be vulnerable. A malicious user could perform code injection. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt