Skip to content

Code injection in nobelprizeparser

Critical
AnneTheDev published GHSA-4wv4-mgfq-598v Feb 23, 2021

Package

npm nobelprizeparser (npm)

Affected versions

< 1.0.2

Patched versions

1.0.2

Description

Code injection through use of eval.

Severity

Critical

CVE ID

No known CVE

Weaknesses