CVE-2023-45311

Published
View on NVD ↗
CVSS v3
9.8
CRITICAL
CVSS v2
N/A
Affected
7
PROJECTS

Description

fsevents before 1.2.11 depends on the https://fsevents-binaries.s3-us-west-2.amazonaws.com URL, which might allow an adversary to execute arbitrary code if any JavaScript project (that depends on fsevents) distributes code that was obtained from that URL at a time when it was controlled by an adversary. NOTE: some sources feel that this means that no version is affected any longer, because the URL is not controlled by an adversary.

fsevents/fsevents
fsevents/fsevents
Native access to MacOS FSEvents in Node.js
GitHubGitHub
568
cloudflare/hugo-cloudflare-docs
cloudflare/hugo-cloudflare-docs
GitHubGitHub
16
atlassian/react-immutable-proptypes
atlassian/react-immutable-proptypes
PropType validators that work with Immutable.js.
GitHubGitHub
cloudflare/redux-grim
cloudflare/redux-grim
GitHubGitHub
21
cloudflare/authr
cloudflare/authr
:key: a flexible and expressive approach to access-control
GitHubGitHub
53
cloudflare/serverless-cloudflare-workers
cloudflare/serverless-cloudflare-workers
Serverless provider plugin for Cloudflare Workers
GitHubGitHub
183
atlassian/moo
atlassian/moo
Optimised tokenizer/lexer generator! 🐄 Uses /y for performance. Moo.
GitHubGitHub