VDB
EN
CRITICAL 9.8

GHSA-fw2f-7f87-5r6c

Improper Input Validation in access-policy

상세

access-policy through 3.1.0 is vulnerable to Arbitrary Code Execution. User input provided to the `template` function is executed by the `eval` function resulting in code execution.

이 버전이 영향받나요?

사용 중인 패키지 버전을 입력하면 즉시 평가합니다.

영향 패키지

npm / access-policy
최초 영향 버전: 0

No fixed version published yet for access-policy (npm). Pin to a known-safe version or switch to an alternative.

참고