90 matches found
MAL-2024-10694 Malicious code in babel-plugin-istanbul-shopee (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b297d163ed50548e4f9a48bd5b04af57e58f063fa67d58480f857b63b9ee0bcc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in babel-plugin-method-version (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 29577c8ffc63866c4637065e68045167ad7f9d535d70f9d3cef45eaea4a00ffa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10475 Malicious code in babel-plugin-method-version (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 29577c8ffc63866c4637065e68045167ad7f9d535d70f9d3cef45eaea4a00ffa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Debian DSA-5528-1 : node-babel7 - security update
The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5528 advisory. - Babel is a compiler for writingJavaScript. In @babel/traverse prior to versions 7.23.2 and 8.0.0-alpha.4 and all versions of babel-traverse, using Babel to compile...
CVE-2023-45133
Babel is a compiler for writingJavaScript. In @babel/traverse prior to versions 7.23.2 and 8.0.0-alpha.4 and all versions of babel-traverse, using Babel to compile code that was specifically crafted by an attacker can lead to arbitrary code execution during compilation, when using plugins that re...
Code injection
Babel is a compiler for writingJavaScript. In @babel/traverse prior to versions 7.23.2 and 8.0.0-alpha.4 and all versions of babel-traverse, using Babel to compile code that was specifically crafted by an attacker can lead to arbitrary code execution during compilation, when using plugins that re...
CVE-2023-45133 Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code
Babel is a compiler for writingJavaScript. In @babel/traverse prior to versions 7.23.2 and 8.0.0-alpha.4 and all versions of babel-traverse, using Babel to compile code that was specifically crafted by an attacker can lead to arbitrary code execution during compilation, when using plugins that re...
CVE-2023-45133
CVE-2023-45133 affects Babel’s traversal layer. The issue allows arbitrary code execution during compilation when compiling code crafted by an attacker via plugins that rely on path.evaluate() or path.evaluateTruthy(). Affected in: @babel/traverse prior to 7.23.2 and 8.0.0-alpha.4, and all versio...
OESA-2023-1683 python-mako security update
Python-mako is a template library for Python. It provides a familiar, non-XML syntax which compiles into Python modules for maximum performance. Mako's syntax and API borrows from the best ideas of many others, including Django templates, Cheetah, Myghty, and Genshi. Security Fixes: Sqlalchemy ma...
PYSEC-2022-260
Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and linguaplugin...
Malicious code in babel-plugin-transform3react-remove-prop-t8pes (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 00b3d70f4d8d97db890539838285400fdd678a273c24916e49a3ec846ae4f7af Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in babel-plugin-transfvrm-rvntime (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9a81b30912fad1ce99bf876e2494d9b453fb18c220c6bb64401b3ef47b177394 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in babel-pzugin-transform-es2015-modues-commonjs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f487dcb86915ec1bb46550b2f2a4b5cc2d0deb6cdabc7fb8b3ca164467e27876 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in babel-lugin-dynamic-i9port-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 15795da980aca09e89837d11f5565a68c61e5b779062fae4eb410f3a24bddbc6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-1404 Malicious code in babel-lugin-dynamic-i9port-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 15795da980aca09e89837d11f5565a68c61e5b779062fae4eb410f3a24bddbc6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-1409 Malicious code in babel-plugin-transfvrm-rvntime (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9a81b30912fad1ce99bf876e2494d9b453fb18c220c6bb64401b3ef47b177394 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-1408 Malicious code in babel-plugin-transform3react-remove-prop-t8pes (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 00b3d70f4d8d97db890539838285400fdd678a273c24916e49a3ec846ae4f7af Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in babelplugintransfomreactremoveproptypes (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 118d5e800455cde3fd9da5c424f41242c449f5bdb4665b9f989cffe0d63e215c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in babelpugintransformreactjsx (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3c5382dcc5be3a730f882330e09a06e62a180f32a8cb289d9f1dcd438ca6e2d6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-1435 Malicious code in babelpugintransformreactjsx (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3c5382dcc5be3a730f882330e09a06e62a180f32a8cb289d9f1dcd438ca6e2d6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...