Open schubon opened 5 years ago
Vulnerable versions: < 4.18.2 Patched version: 4.18.2
A vulnerability was descovered in eslint before 4.18.2. One of the regexes in eslint is vulnerable to catastrophic backtracking.
Upgrade eslint to version 4.18.2 or later. For example:
"dependencies": { "eslint": ">=4.18.2" }
or…
"devDependencies": { "eslint": ">=4.18.2" }
Always verify the validity and compatibility of suggestions with your codebase.
Details
WS-2018-0347
Vulnerable versions: < 4.18.2 Patched version: 4.18.2
A vulnerability was descovered in eslint before 4.18.2. One of the regexes in eslint is vulnerable to catastrophic backtracking.
WS-2018-0592
Vulnerable versions: < 4.18.2 Patched version: 4.18.2
A vulnerability was descovered in eslint before 4.18.2. One of the regexes in eslint is vulnerable to catastrophic backtracking.
Remediation
Upgrade eslint to version 4.18.2 or later. For example:
or…
Always verify the validity and compatibility of suggestions with your codebase.