Homepage

pastescript@1.7.4.2 vulnerabilities

A pluggable command-line frontend, including commands to setup package file layouts

  • latest version

    3.6.0

  • latest non vulnerable version

    3.6.0

  • first published

    19 years ago

  • latest version published

    8 months ago

  • licenses detected

  • View pastescript package health on Snyk Advisor  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the pastescript package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Privileges Escalation

    pastescript is a pluggable command-line frontend, including commands to setup package file layouts Paste Script 1.7.5 and earlier does not properly set group memberships during execution with root privileges, which might allow remote attackers to bypass intended file-access restrictions by leveraging a web application that uses the local filesystem.

    [,1.7.5)
    Go back to all versions of this package