{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-14T16:52:21.629","vulnerabilities":[{"cve":{"id":"CVE-2023-35931","sourceIdentifier":"security-advisories@github.com","published":"2023-06-23T20:15:09.357","lastModified":"2024-11-21T08:09:00.100","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Shescape is a simple shell escape library for JavaScript. An attacker may be able to get read-only access to environment variables. This bug has been patched in version 1.7.1.\n\n\n"}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":3.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-526"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:shescape_project:shescape:*:*:*:*:*:node.js:*:*","versionEndExcluding":"1.7.1","matchCriteriaId":"FD2B2F90-B50D-4B40-8397-FA1731E34DB8"}]}]}],"references":[{"url":"https://github.com/ericcornelissen/shescape/commit/d0fce70f987ac0d8331f93cb45d47e79436173ac","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/ericcornelissen/shescape/pull/982","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/ericcornelissen/shescape/releases/tag/v1.7.1","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/ericcornelissen/shescape/security/advisories/GHSA-3g7p-8qhx-mc8r","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://github.com/ericcornelissen/shescape/commit/d0fce70f987ac0d8331f93cb45d47e79436173ac","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://github.com/ericcornelissen/shescape/pull/982","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://github.com/ericcornelissen/shescape/releases/tag/v1.7.1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes"]},{"url":"https://github.com/ericcornelissen/shescape/security/advisories/GHSA-3g7p-8qhx-mc8r","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Vendor Advisory"]}]}}]}