Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Babel
(Babeljs)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 1 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-10-12 | CVE-2023-45133 | Babel is a compiler for writingJavaScript. In `@babel/traverse` prior to versions 7.23.2 and 8.0.0-alpha.4 and all versions of `babel-traverse`, using Babel to compile code that was specifically crafted by an attacker can lead to arbitrary code execution during compilation, when using plugins that rely on the `path.evaluate()`or `path.evaluateTruthy()` internal Babel methods. Known affected plugins are `@babel/plugin-transform-runtime`; `@babel/preset-env` when using its `useBuiltIns`... | Babel, Babel\-Helper\-Define\-Polyfill\-Provider, Babel\-Plugin\-Polyfill\-Corejs2, Babel\-Plugin\-Polyfill\-Corejs3, Babel\-Plugin\-Polyfill\-Es\-Shims, Babel\-Plugin\-Polyfill\-Regenerator, Babel\-Plugin\-Transform\-Runtime, Babel\-Preset\-Env, Debian_linux | 8.8 |