← Retour au dashboard
critical
osv-scanner
detected
CVE-2026-9277: shell-quote quote() does not escape newlines in object .op values
spham/scruteur
Description
Package 'shell-quote@1.8.3' is vulnerable to 'CVE-2026-9277' (also known as 'GHSA-w7jw-789q-3m8p').
- Regle
- CVE-2026-9277
- Fichier
- file:///builds/spham/scruteur/package-lock.json:
- CVE
- CVE-2026-9277
- Premiere detection
- 2026-06-17 12:26
- Derniere detection
- 2026-06-17 12:26
- Pipeline
- lien
JSON brut
{
"kind": "fail",
"rank": -1,
"taxa": [],
"fixes": [],
"level": "warning",
"graphs": [],
"ruleId": "CVE-2026-9277",
"stacks": [],
"message": {
"text": "Package 'shell-quote@1.8.3' is vulnerable to 'CVE-2026-9277' (also known as 'GHSA-w7jw-789q-3m8p').",
"arguments": []
},
"codeFlows": [],
"locations": [
{
"id": -1,
"annotations": [],
"relationships": [],
"logicalLocations": [],
"physicalLocation": {
"artifactLocation": {
"uri": "file:///builds/spham/scruteur/package-lock.json",
"index": -1
}
}
}
],
"ruleIndex": 0,
"attachments": [],
"graphTraversals": [],
"relatedLocations": [],
"partialFingerprints": {
"primaryLocationLineHash": "cf7d4e932088b892e64c9a8271c18c610c4ea25aed04f4ee9c652ce919fc589f"
}
}