Withdrawn: ESLint dependencies are vulnerable (ReDoS and Prototype Pollution)

2020-03-13T20:36:16
ID GHSA-7FHM-MQM4-2WP7
Type github
Reporter GitHub Advisory Database
Modified 2020-04-03T23:20:25

Description

Withdrawn GitHub has withdrawn this advisory in place of GHSA-vh95-rmgr-6w4m and GHSA-6chw-6frg-f759. The reason for withdrawing is that some mistakes were made during the ingestion of CVE-2020-7598 which caused this advisory to be published with incorrect information.

In order to provide accurate advisory information, new advisories were created:

  • minimist: https://github.com/advisories/GHSA-vh95-rmgr-6w4m
  • acorn: https://github.com/advisories/GHSA-6chw-6frg-f759