CVE-2017-16225

Summary

aegir is a module to help automate JavaScript project management. Version 12.0.0 through and including 12.0.7 bundled and published to npm the user (that performed a aegir-release) GitHub token.

Affected Software

VendorProductVersion RangeStatus
HackerOneaegir node module>=12.0.0 <= 12.0.7affected

Weaknesses

  • CWE-200: Information Disclosure (CWE-200)

ADP Enrichment

CVE Program Container

Additional References

References