5 matches found
CVE-2026-49356
A flaw was found in @babel/core. This vulnerability allows an attacker, who controls the input source code and can read the output, to perform an arbitrary file read. By compiling maliciously crafted code containing a sourceMappingURL comment, the attacker can read any source map file from the...
CVE-2026-49356
Babel is a compiler for writing next generation JavaScript. Prior to 8.0.0-rc.6 and 7.29.6, @babel/core affected by an arbitrary file read via a sourceMappingURL comment. Using @babel/core to compile maliciously crafted code can allow an attacker to read any source map from the system that is...
EUVD-2022-0459
Malicious code in bioql PyPI...
Advisory ROSA-SA-2024-2536
software: re2c 3.1 AXIS: ROSA-CHROME packageevrstring: re2c-3.1-1 CVE-ID: CVE-2022-23901 BDU-ID: None CVE-Crit: CRITICAL. CVE-DESC.: The re2c 2.2 stack overflow is due to infinite recursion issues in src/dfa/deadrules.cc. CVE-STATUS: Fixed CVE-REV: To close, run the command: sudo dnf update re2c...
postcss 安全漏洞
Andrey Sitnik postcss is an open source application by Andrey Sitnik . Tool for converting styles using JS plug-ins . postcss 8.2.13 version before a security vulnerability , the vulnerability stems from vulnerability to regular expression denial-of-service attacks , vulnerable regular expression...