Withdrawn: ESLint dependencies are vulnerable (ReDoS and Prototype Pollution)

Withdrawn GitHub has withdrawn this advisory in place of GHSA-vh95-rmgr-6w4m and GHSA-6chw-6frg-f759. The reason for withdrawing is that some mistakes were made during the ingestion of CVE-2020-7598 which caused this advisory to be published with incorrect information.

In order to provide accurate advisory information, new advisories were created:

minimist: https://github.com/advisories/GHSA-vh95-rmgr-6w4m
acorn: https://github.com/advisories/GHSA-6chw-6frg-f759

Published: Mar 13, 2020
Updated: Apr 14, 2023
GHSA: GHSA-7fhm-mqm4-2wp7
Severity: Medium
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
minimist	-	1.2.2
acornjs / acorn	-	5.7.4
acornjs / acorn	6.0.0	6.4.1
acornjs / acorn	7.0.0	7.1.1

No references available.

Vulnerability Database

290,278

Withdrawn: ESLint dependencies are vulnerable (ReDoS and Prototype Pollution)