VYPR

npm package

@eslint/plugin-kit

pkg:npm/%40eslint/plugin-kit

Vulnerabilities (1)

  • CVE-2024-21539HigNov 19, 2024
    affected < 0.2.3fixed 0.2.3

    Versions of the package @eslint/plugin-kit before 0.2.3 are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper input sanitization. An attacker can increase the CPU usage and crash the program by exploiting this vulnerability.