pastescript@0.5 vulnerabilities

A pluggable command-line frontend, including commands to setup package file layouts

  • latest version

    3.6.0

  • latest non vulnerable version

  • first published

    19 years ago

  • latest version published

    8 months ago

  • licenses detected

  • Direct Vulnerabilities

    Known vulnerabilities in the pastescript package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Privileges Escalation

    pastescript is a pluggable command-line frontend, including commands to setup package file layouts Paste Script 1.7.5 and earlier does not properly set group memberships during execution with root privileges, which might allow remote attackers to bypass intended file-access restrictions by leveraging a web application that uses the local filesystem.

    [,1.7.5)