GHSA-7fhm-mqm4-2wp7
Suggest an improvement- Source
- https://github.com/advisories/GHSA-7fhm-mqm4-2wp7
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/03/GHSA-7fhm-mqm4-2wp7/GHSA-7fhm-mqm4-2wp7.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-7fhm-mqm4-2wp7
- Withdrawn
- 2020-04-03T21:47:06Z
- Published
- 2020-03-13T20:36:16Z
- Modified
- 2020-04-03T21:54:52Z
- Summary
- Withdrawn: ESLint dependencies are vulnerable (ReDoS and Prototype Pollution)
- Details
-
Withdrawn GitHub has withdrawn this advisory in place of GHSA-vh95-rmgr-6w4m and GHSA-6chw-6frg-f759. The reason for withdrawing is that some mistakes were made during the ingestion of CVE-2020-7598 which caused this advisory to be published with incorrect information.
In order to provide accurate advisory information, new advisories were created:
- minimist: https://github.com/advisories/GHSA-vh95-rmgr-6w4m
- acorn: https://github.com/advisories/GHSA-6chw-6frg-f759
- Database specific
{ "github_reviewed": true, "nvd_published_at": null, "cwe_ids": [], "github_reviewed_at": "2020-03-13T20:21:06Z", "severity": "MODERATE" }- References
Affected packages
npm / minimist
Package
- Name
- minimist
- View open source insights on deps.dev
- Purl
- pkg:npm/minimist
npm / acorn
Package
- Name
- acorn
- View open source insights on deps.dev
- Purl
- pkg:npm/acorn
npm / acorn
Package
- Name
- acorn
- View open source insights on deps.dev
- Purl
- pkg:npm/acorn
npm / acorn
Package
- Name
- acorn
- View open source insights on deps.dev
- Purl
- pkg:npm/acorn
npm / acorn
Package
- Name
- acorn
- View open source insights on deps.dev
- Purl
- pkg:npm/acorn