fsevents 1.0.8
1 security vulnerability
found in version
1.0.8
Code injection in fsevents
critical severity CVE-2023-45311
critical severity
CVE-2023-45311
Affected versions:
<= 1.2.10
fsevents before 1.2.11 depends on the https://fsevents-binaries.s3-us-west-2.amazonaws.com URL, which might allow an adversary to execute arbitrary code if any JavaScript project (that depends on fsevents) distributes code that was obtained from that URL at a time when it was controlled by an adversary.
Author did not declare license for this package in the source code.
This package version has a MIT license in the source code, however it was not declared in the source code.
This package version is available.
This package version has not been yanked and is still available for usage.