PT-2023-9458
Steakenthusiast · Published 2023-10-04 · Updated 2026-06-04
CVE-2023-45133 · CVSS v3.1 9.3 (Critical) · Vector: AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
- @babel/traverse versions prior to 7.23.2 and 8.0.0-alpha.4
- babel-traverse (all versions)
Description
The issue is related to the path.evaluate() and path.evaluateTruthy() internal Babel methods. Using Babel to compile code that was specifically crafted by an attacker can lead to arbitrary code execution during compilation, when using plugins that rely on these methods. Known affected plugins are @babel/plugin-transform-runtime, @babel/preset-env when using its useBuiltIns option, and any "polyfill provider" plugin that depends on @babel/helper-define-polyfill-provider, such as babel-plugin-polyfill-corejs3, babel-plugin-polyfill-corejs2, babel-plugin-polyfill-es-shims and babel-plugin-polyfill-regenerator. Users that only compile trusted code are not impacted.
Recommendations
- Upgrade @babel/traverse to v7.23.2 or higher.
- If you cannot upgrade @babel/traverse and are using one of the affected packages mentioned above, upgrade them to their latest version to avoid triggering the vulnerable code path in affected @babel/traverse versions:
  - @babel/plugin-transform-runtime v7.23.2
  - @babel/preset-env v7.23.2
  - @babel/helper-define-polyfill-provider v0.4.3
  - babel-plugin-polyfill-corejs2 v0.4.6
  - babel-plugin-polyfill-corejs3 v0.8.5
  - babel-plugin-polyfill-es-shims v0.10.0
  - babel-plugin-polyfill-regenerator v0.5.3
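To check a dependency tree against the fixed versions listed above, here is an added example (not code from the advisory or from the Babel project); it assumes a `{name: version}` map such as one built from `npm ls --json` or a lockfile, and treats the 8.x pre-release fix boundary (8.0.0-alpha.4) separately from the 7.x one.

```javascript
// Added example, not from the advisory: flag installed Babel packages still below
// the fixed versions listed above. Input is a constructed {name: version} map such
// as one built from `npm ls --json` or a lockfile.
const FIXED_VERSIONS = {
  '@babel/traverse': '7.23.2',
  '@babel/plugin-transform-runtime': '7.23.2',
  '@babel/preset-env': '7.23.2',
  '@babel/helper-define-polyfill-provider': '0.4.3',
  'babel-plugin-polyfill-corejs2': '0.4.6',
  'babel-plugin-polyfill-corejs3': '0.8.5',
  'babel-plugin-polyfill-es-shims': '0.10.0',
  'babel-plugin-polyfill-regenerator': '0.5.3',
};
const TRAVERSE_8_FIXED = '8.0.0-alpha.4'; // 8.x pre-releases have their own fix boundary
// Parse "MAJOR.MINOR.PATCH[-pre.N]" into comparable parts.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?$/.exec(v.trim());
  if (!m) throw new Error(`unparseable version: ${v}`);
  return { nums: [+m[1], +m[2], +m[3]], pre: m[4] ? m[4].split('.') : null };
}
// semver ordering: numeric core first; a pre-release sorts below its release;
// pre-release identifiers compare numerically when both are numeric, else as strings.
function compareVersions(a, b) {
  const pa = parseVersion(a), pb = parseVersion(b);
  for (let i = 0; i < 3; i++) if (pa.nums[i] !== pb.nums[i]) return pa.nums[i] - pb.nums[i];
  if (!pa.pre && !pb.pre) return 0;
  if (!pa.pre || !pb.pre) return pa.pre ? -1 : 1;
  for (let i = 0; i < Math.max(pa.pre.length, pb.pre.length); i++) {
    const x = pa.pre[i], y = pb.pre[i];
    if (x === undefined || y === undefined) return x === undefined ? -1 : 1;
    const bothNum = /^\d+$/.test(x) && /^\d+$/.test(y);
    const c = bothNum ? Number(x) - Number(y) : x.localeCompare(y);
    if (c !== 0) return c;
  }
  return 0;
}
// Returns the subset of `installed` that is still affected per the advisory.
function findAffected(installed) {
  const affected = {};
  for (const [name, version] of Object.entries(installed)) {
    if (name === 'babel-traverse') { affected[name] = version; continue; } // legacy package, never fixed
    const fixed = name === '@babel/traverse' && parseVersion(version).nums[0] >= 8
      ? TRAVERSE_8_FIXED : FIXED_VERSIONS[name];
    if (fixed && compareVersions(version, fixed) < 0) affected[name] = version;
  }
  return affected;
}
// Constructed sample dependency map.
const SAMPLE = { '@babel/traverse': '7.22.10', '@babel/preset-env': '7.23.2', 'babel-traverse': '6.26.0' };
console.log(findAffected(SAMPLE)); // → { '@babel/traverse': '7.22.10', 'babel-traverse': '6.26.0' }
```

Packages not in the advisory's list are ignored, so an unrelated dependency with a non-semver version string does not abort the scan.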
Exploit
Fix
Incomplete List of Disallowed Inputs
Related identifiers
Affected products
- @Babel/Helper-Define-Polyfill-Provider
- @Babel/Plugin-Transform-Runtime
- @Babel/Preset-Env
- @Babel/Traverse
- Astra Linux
- Bitbucket
- Red Os