Description
In eslint-utils before 1.4.1, the getStaticValue function can execute arbitrary code.
Remediation
References
https://github.com/mysticatea/eslint-utils/security/advisories/GHSA-3gx7-xhv7-5mx3
Related Vulnerabilities
CVE-2019-10908 Vulnerability in maven package org.airsonic.player:airsonic-main
CVE-2022-23532 Vulnerability in maven package org.neo4j.procedure:apoc
CVE-2012-4449 Vulnerability in maven package org.apache.hadoop:hadoop-core
CVE-2023-22578 Vulnerability in npm package @sequelize/core
CVE-2021-35515 Vulnerability in maven package org.apache.commons:commons-compress