SUSE CVE-2023-45133

Babel is a compiler for writingJavaScript. In @babel/traverse prior to versions 7.23.2 and 8.0.0-alpha.4 and all versions of babel-traverse, using Babel to compile code that was specifically crafted by an attacker can lead to arbitrary code execution during compilation, when using plugins that re...

Debian DSA-5528-1 : node-babel7 - security update

The remote Debian 11 / 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5528 advisory. - Babel is a compiler for writingJavaScript. In @babel/traverse prior to versions 7.23.2 and 8.0.0-alpha.4 and all versions of babel-traverse, using Babel to compile...

UBUNTU-CVE-2023-45133

Babel is a compiler for writingJavaScript. In @babel/traverse prior to versions 7.23.2 and 8.0.0-alpha.4 and all versions of babel-traverse, using Babel to compile code that was specifically crafted by an attacker can lead to arbitrary code execution during compilation, when using plugins that re...

CVE-2023-45133

Babel is a compiler for writingJavaScript. In @babel/traverse prior to versions 7.23.2 and 8.0.0-alpha.4 and all versions of babel-traverse, using Babel to compile code that was specifically crafted by an attacker can lead to arbitrary code execution during compilation, when using plugins that re...

Code injection

Babel is a compiler for writingJavaScript. In @babel/traverse prior to versions 7.23.2 and 8.0.0-alpha.4 and all versions of babel-traverse, using Babel to compile code that was specifically crafted by an attacker can lead to arbitrary code execution during compilation, when using plugins that re...

CVE-2023-45133

CVE-2023-45133 affects Babel’s traversal layer. The issue allows arbitrary code execution during compilation when compiling code crafted by an attacker via plugins that rely on path.evaluate() or path.evaluateTruthy(). Affected in: @babel/traverse prior to 7.23.2 and 8.0.0-alpha.4, and all versio...

CVE-2023-45133 Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code

Babel is a compiler for writingJavaScript. In @babel/traverse prior to versions 7.23.2 and 8.0.0-alpha.4 and all versions of babel-traverse, using Babel to compile code that was specifically crafted by an attacker can lead to arbitrary code execution during compilation, when using plugins that re...

MAL-2022-1409 Malicious code in babel-plugin-transfvrm-rvntime (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9a81b30912fad1ce99bf876e2494d9b453fb18c220c6bb64401b3ef47b177394 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in babelplugintransfomreactremoveproptypes (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 118d5e800455cde3fd9da5c424f41242c449f5bdb4665b9f989cffe0d63e215c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in babelpugintransformreactjsx (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3c5382dcc5be3a730f882330e09a06e62a180f32a8cb289d9f1dcd438ca6e2d6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-1420 Malicious code in babelllugintransformes2015modulescommonjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 85a16e3db18168e71a2eeec8f9190a55ae782642089ef8b41719535a6a434a82 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

be-iq_shared-styled-components (=0.0.26) potentially affected by unknown CVE via plugin-transform-react-jsx (=0.0.1-security)

plugin-transform-react-jsx NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on plugin-transform-react-jsx and may be impacted: - be-iqshared-styled-components =0.0.26 Source cves: unknown CVE Source advisory: OSV:MAL-2022-5373...

Malicious code in plugin-transform-react-jsx (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f27c2a663077678179b48cd4851aa8b5aa144a1d4ef1e3bb2cf05526d0b1c7c7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-5374 Malicious code in plugin-transform-typeof-symbol (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2d37e14c9688f52a303b8670134fee30325028b9e1c7cf0ca5c0873e69ed3016 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...