VYPR
High severity7.5NVD Advisory· Published Jun 7, 2018· Updated Jun 17, 2026

CVE-2017-16225

CVE-2017-16225

Description

aegir is a module to help automate JavaScript project management. Version 12.0.0 through and including 12.0.7 bundled and published to npm the user (that performed a aegir-release) GitHub token.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
aegirnpm
>= 12.0.0, < 12.0.812.0.8

Affected products

2
  • ghsa-coords
    Range: >= 12.0.0, < 12.0.8
  • HackerOne/aegir node modulev5
    Range: >=12.0.0 <= 12.0.7

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.