Eslint Utils
1 CVEs
product
Monthly
In eslint-utils before 1.4.1, the getStaticValue function can execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
RCE
Eslint Utils
NVD
GitHub
CVSS 3.0
9.8
EPSS
2.3%
CVE-2019-15657
npm
EPSS 2%
CVSS 9.8
CRITICAL
PATCH
Act Now
In eslint-utils before 1.4.1, the getStaticValue function can execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
RCE
Eslint Utils
NVD
GitHub