10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.254 Low
EPSS
Percentile
96.6%
Versions of syntax-error
prior to 1.1.1 are affected by a cross-site scripting vulnerability which may allow a malicious file to execute code when browserified.
Update to version 1.1.1 or later.
CPE | Name | Operator | Version |
---|---|---|---|
syntax-error | lt | 1.1.1 |
www-01.ibm.com/support/docview.wss?uid=swg21690815
exchange.xforce.ibmcloud.com/vulnerabilities/96728
github.com/advisories/GHSA-5726-g6r9-5f22
github.com/substack/node-browserify/blob/master/changelog.markdown#421
github.com/substack/node-syntax-error
github.com/substack/node-syntax-error/commit/9aa4e66eb90ec595d2dba55e6f9c2dd9a668b309
nvd.nist.gov/vuln/detail/CVE-2014-7192
www.npmjs.com/advisories/37