Critical severityNVD Advisory· Published Mar 18, 2021· Updated Aug 3, 2024
CVE-2021-26275
CVE-2021-26275
Description
The eslint-fixer package through 0.1.5 for Node.js allows command injection via shell metacharacters to the fix function. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. The ozum/eslint-fixer GitHub repository has been intentionally deleted
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
eslint-fixernpm | <= 0.1.5 | — |
Affected products
2- eslint-fixer/eslint-fixerdescription
Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-45w5-pvr8-4rh5ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-26275ghsaADVISORY
- advisory.checkmarx.net/advisory/CX-2021-4774ghsax_refsource_MISCWEB
- www.npmjs.com/package/eslint-fixerghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.