| ▲ | fluxist 11 hours ago |
| A command to recursively check for the compromised axios package version: find / -path '*/node_modules/axios/package.json' -type f 2>/dev/null | while read -l f; set -l v (grep -oP '"version"\s*:\s\*"\K(1\.14\.1|0\.30\.4)' $f 2>/dev/null); if test -n "$v"; printf '\a\n\033[1;31m FOUND v%s\033[0m \033[1;33m%s\033[0m\n' $v (string replace '/package.json' '' -- $f); else; printf '\r\033[2m scanning: %s\033[K\033[0m' (string sub -l 70 -- $f); end; end; printf '\r\033[K\n\033[1;32m scan complete\033[0m\n'
|
|
| ▲ | hk__2 11 hours ago | parent | next [-] |
| Or more simply: find / -type f -path '*/node_modules/axios/package.json' \
-exec grep -Pl '"version"\s*:\s*"(1\.14\.1|0\.30\.4)"' {} + 2>/dev/null
Let’s not encourage people to respond to security incidents by… copy/pasting random commands they don’t understand. |
| |
|
| ▲ | skydhash 8 hours ago | parent | prev [-] |
| What’s with all those escapes codes? |
| |
| ▲ | sph 6 hours ago | parent [-] | | script kiddies love their ANSI color codes and fancy ASCII art |
|
