{"id":"CVE-2017-16225","details":"aegir is a module to help automate JavaScript project management. Version 12.0.0 through and including 12.0.7 bundled and published to npm the user (that performed a aegir-release) GitHub token.","aliases":["GHSA-6xhf-x49c-m5m6"],"modified":"2026-03-13T23:19:24.824810Z","published":"2018-06-07T02:29:07.770Z","references":[{"type":"ADVISORY","url":"https://nodesecurity.io/advisories/546"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ipfs/aegir","events":[{"introduced":"c85cdfe04532e049eb1ef7f0a9fec0df9e1223bd"},{"last_affected":"ed787b6fbd56c3cde85db61a7bdae6f6e9b84bb6"}],"database_specific":{"versions":[{"introduced":"12.0.0"},{"last_affected":"12.0.7"}]}}],"versions":["v12.0.0","v12.0.1","v12.0.2","v12.0.3","v12.0.4","v12.0.5","v12.0.6","v12.0.7"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-16225.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}