Critical severity vulnerability that affects syntax-error

2017-10-24T18:33:36
ID GHSA-5726-G6R9-5F22
Type github
Reporter GitHub Advisory Database
Modified 2019-07-03T21:01:59

Description

Eval injection vulnerability in index.js in the syntax-error package before 1.1.1 for Node.js 0.10.x, as used in IBM Rational Application Developer and other products, allows remote attackers to execute arbitrary code via a crafted file.