Known CVE vulnerabilities and GitHub Security Advisories affecting the npm package aegir, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2020-11059 — CVSS 9.6 (critical): In AEgir greater than or equal to 21.7.0 and less than 21.10.1, aegir publish and aegir build may leak secrets from environment variables…
CVE-2017-16225 — CVSS 7.5 (high): aegir is a module to help automate JavaScript project management. Version 12.0.0 through and including 12.0.7 bundled and published to npm…