First published: Thu Jun 07 2018(Updated: )
aegir is a module to help automate JavaScript project management. Version 12.0.0 through and including 12.0.7 bundled and published to npm the user (that performed a aegir-release) GitHub token.
Credit: support@hackerone.com
Affected Software | Affected Version | How to fix |
---|---|---|
Aegir Project Aegir | >=12.0.0<=12.0.7 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2017-16225.
The severity of CVE-2017-16225 is high with a severity value of 7.5.
The affected software for CVE-2017-16225 is Aegir Project Aegir version 12.0.0 through 12.0.7.
The common weakness enumeration (CWE) for this vulnerability is CWE-200.
To fix CVE-2017-16225, update Aegir Project Aegir to a version beyond 12.0.7.