The eslint-fixer package through 0.1.5 for Node.js allows command injection via shell metacharacters to the fix function. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. The ozum/eslint-fixer GitHub repository has been intentionally deleted
References
Link | Resource |
---|---|
https://advisory.checkmarx.net/advisory/CX-2021-4774 | Exploit Third Party Advisory |
https://www.npmjs.com/package/eslint-fixer | Product |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-03-18T23:34:13
Updated: 2024-06-26T20:23:29.289Z
Reserved: 2021-01-27T00:00:00
Link: CVE-2021-26275
JSON object: View
NVD Information
Status : Modified
Published: 2021-03-19T00:15:11.903
Modified: 2024-06-26T21:15:11.817
Link: CVE-2021-26275
JSON object: View
Redhat Information
No data.
CWE