VYPR

npm package

config-shield

pkg:npm/config-shield

Vulnerabilities (1)

  • CVE-2021-26276Jan 27, 2021
    affected < 0.2.3fixed 0.2.3

    scripts/cli.js in the GoDaddy node-config-shield (aka Config Shield) package before 0.2.2 for Node.js calls eval when processing a set command. NOTE: the vendor reportedly states that this is not a vulnerability. The set command was not intended for use with untrusted data