vuln: Exception for shell-quote@1.8.2 #2

Open
opened 2026-07-13 21:22:17 +00:00 by onlyati · 0 comments
Owner

No new version so far, but in the repo the fixed version already available. Waiting for the new version of a-h/templ package. Until exception is granted.

21:13:38 ERROR detected vulnerability
  ├─ source: filesystem
  ├─ target: .ci_env/packages/go/go/pkg/mod/github.com/a-h/templ@v0.3.1020/docs/package-lock.json
  ├─ class: lang-pkgs
  ├─ pkg_name: shell-quote
  ├─ installed_version: 1.8.3
  ├─ fixed_version: 1.8.4
  ├─ status: fixed
  └─ vulnerability_id: CVE-2026-9277
No new version so far, but in the repo the fixed version already available. Waiting for the new version of `a-h/templ` package. Until exception is granted. ``` 21:13:38 ERROR detected vulnerability ├─ source: filesystem ├─ target: .ci_env/packages/go/go/pkg/mod/github.com/a-h/templ@v0.3.1020/docs/package-lock.json ├─ class: lang-pkgs ├─ pkg_name: shell-quote ├─ installed_version: 1.8.3 ├─ fixed_version: 1.8.4 ├─ status: fixed └─ vulnerability_id: CVE-2026-9277 ```
Sign in to join this conversation.
No labels
No milestone
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
pandora/pandora-report.goapp#2
No description provided.