constantinople@3.0.2

Vulnerabilities: 1 via 1 paths

Dependencies: 1

Source: npm

critical severity

Sandbox Bypass

  • Vulnerable module: constantinople
  • Introduced through: constantinople@3.0.2

Detailed paths

  • Introduced through: constantinople@3.0.2
    Remediation: Upgrade to constantinople@3.1.1.

Overview

constantinople is a package that determines whether a JavaScript expression evaluates to a constant (using acorn).

Affected versions of this package are vulnerable to Sandbox Bypass which can lead to arbitrary code execution.

Remediation

Upgrade constantinople to version 3.1.1 or higher.
