NodeJS/fsevents/1.2.7
Native Access to MacOS FSEvents
https://www.npmjs.com/package/fsevents
MIT
1 Security Vulnerabilities
Code injection in fsevents
Published date: 2023-10-06T21:30:49Z
CVE: CVE-2023-45311
Links:
- https://nvd.nist.gov/vuln/detail/CVE-2023-45311
- https://github.com/atlassian/moo/blob/56ccbdd41b493332bc2cd7a4097a5802594cdb9c/package-lock.json#L1901-L1902
- https://github.com/atlassian/react-immutable-proptypes/blob/ddb9fa5194b931bf7528eb4f2c0a8c3434f70edd/package-lock.json#L153
- https://github.com/cloudflare/authr/blob/3f6129d97d06e61033a7f237d84e35e678db490f/ts/package-lock.json#L1512
- https://github.com/cloudflare/hugo-cloudflare-docs/blob/e0f7cfa195af8ef1bfa51a487be7d34ba298ed06/package-lock.json#L494
- https://github.com/cloudflare/redux-grim/blob/b652f99f95fb16812336073951adc5c5a93e2c23/package-lock.json#L266-L267
- https://github.com/cloudflare/serverless-cloudflare-workers/blob/e95e1e9c9770ed9a3d9480c1fa73e64391268354/package-lock.json#L737
- https://github.com/fsevents/fsevents/compare/v1.2.10...v1.2.11
- https://github.com/fsevents/fsevents/commit/909af26846834642c81d19f4148afa3b7557b058
- https://github.com/advisories/GHSA-8r6j-v8pm-fqw3
- https://security.snyk.io/vuln/SNYK-JS-FSEVENTS-5487987
fsevents before 1.2.11 depends on the https://fsevents-binaries.s3-us-west-2.amazonaws.com URL, which might allow an adversary to execute arbitrary code if any JavaScript project (that depends on fsevents) distributes code that was obtained from that URL at a time when it was controlled by an adversary.
Affected versions:
["0.1.1", "0.1.3", "0.1.4", "0.1.5", "0.1.6", "0.2.0", "0.3.0", "0.3.1", "0.3.2", "0.3.3", "0.3.4", "0.3.5", "0.3.6", "0.3.7", "0.3.8", "1.0.0", "1.0.1", "1.0.2", "1.0.3", "1.0.4", "1.0.5", "1.0.6", "1.0.7", "1.0.8", "1.0.9", "1.0.10", "1.0.11", "1.0.12", "1.0.14", "1.0.15", "1.0.17", "1.0.18-0", "1.1.0", "1.1.1", "1.1.2", "1.1.3", "1.2.0", "1.2.2", "1.2.3", "1.2.4", "1.2.6", "1.2.7", "1.2.8", "1.2.9", "1.2.10"]
Secure versions:
[2.0.0, 2.0.1, 2.0.2-pre-1, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.1.0, 2.1.1, 2.1.2, 1.2.11, 1.2.12, 2.1.3, 1.2.13, 2.2.0, 2.2.1, 2.2.2, 2.3.0, 2.3.1, 2.3.2, 2.3.3]
Recommendation:
Update to version 2.3.3.
67 Other Versions
Version | License | Security | Released | |
---|---|---|---|---|
0.1.1 | MIT | 1 | 2013-07-06 - 22:04 | almost 11 years |
0.1.3 | MIT | 1 | 2013-07-06 - 22:26 | almost 11 years |
0.1.4 | MIT | 1 | 2013-07-06 - 22:47 | almost 11 years |
0.1.5 | MIT | 1 | 2013-07-08 - 12:58 | almost 11 years |
0.1.6 | MIT | 1 | 2013-11-28 - 11:01 | over 10 years |
0.2.0 | MIT | 1 | 2014-01-31 - 22:45 | over 10 years |
0.3.0 | MIT | 1 | 2014-08-19 - 22:00 | almost 10 years |
0.3.1 | MIT | 1 | 2014-11-04 - 23:57 | over 9 years |
0.3.2 | MIT | 1 | 2015-01-15 - 18:16 | over 9 years |
0.3.3 | MIT | 1 | 2015-01-15 - 18:25 | over 9 years |
0.3.4 | MIT | 1 | 2015-01-15 - 18:47 | over 9 years |
0.3.5 | MIT | 1 | 2015-01-27 - 17:33 | over 9 years |
0.3.6 | MIT | 1 | 2015-05-05 - 11:40 | about 9 years |
0.3.7 | MIT | 1 | 2015-07-30 - 21:22 | almost 9 years |
0.3.8 | MIT | 1 | 2015-08-06 - 20:53 | almost 9 years |
1.0.0 | MIT | 1 | 2015-09-09 - 16:28 | over 8 years |
1.0.1 | MIT | 1 | 2015-09-29 - 13:33 | over 8 years |
1.0.2 | MIT | 1 | 2015-10-06 - 16:54 | over 8 years |
1.0.3 | MIT | 1 | 2015-11-03 - 17:42 | over 8 years |
1.0.4 | MIT | 1 | 2015-11-04 - 17:44 | over 8 years |
1.0.5 | MIT | 1 | 2015-11-05 - 00:03 | over 8 years |
1.0.6 | MIT | 1 | 2015-12-10 - 14:02 | over 8 years |
1.0.7 | MIT | 1 | 2016-02-03 - 15:12 | over 8 years |
1.0.8 | MIT | 1 | 2016-02-23 - 10:24 | about 8 years |
1.0.9 | MIT | 1 | 2016-03-23 - 20:30 | about 8 years |
1.0.10 | MIT | 1 | 2016-03-31 - 18:16 | about 8 years |
1.0.11 | MIT | 1 | 2016-03-31 - 19:18 | about 8 years |
1.0.12 | MIT | 1 | 2016-04-29 - 14:34 | about 8 years |
1.0.14 | MIT | 1 | 2016-07-18 - 12:56 | almost 8 years |
1.0.15 | MIT | 1 | 2016-11-02 - 23:38 | over 7 years |
1.0.17 | MIT | 1 | 2017-01-04 - 22:25 | over 7 years |
1.0.18-0 | MIT | 1 | 2017-02-19 - 16:55 | about 7 years |
1.1.0 | MIT | 1 | 2017-02-19 - 17:47 | about 7 years |
1.1.1 | MIT | 1 | 2017-02-20 - 05:18 | about 7 years |
1.1.2 | MIT | 1 | 2017-06-13 - 04:40 | almost 7 years |
1.1.3 | MIT | 1 | 2017-11-10 - 22:23 | over 6 years |
1.2.0 | MIT | 1 | 2018-04-20 - 14:59 | about 6 years |
1.2.2 | MIT | 1 | 2018-04-23 - 15:58 | about 6 years |
1.2.3 | MIT | 1 | 2018-04-27 - 17:30 | about 6 years |
1.2.4 | MIT | 1 | 2018-05-15 - 14:49 | about 6 years |
1.2.8 | MIT | 1 | 2019-04-16 - 16:45 | about 5 years |
1.2.6 | MIT | 1 | 2019-01-15 - 19:22 | over 5 years |
1.2.10 | MIT | 1 | 2019-12-13 - 11:25 | over 4 years |
1.2.9 | MIT | 1 | 2019-04-29 - 16:17 | about 5 years |
1.2.7 | MIT | 1 | 2019-01-18 - 15:54 | over 5 years |
2.0.0 | MIT | 2018-11-10 - 13:45 | over 5 years | |
2.0.2-pre-1 | MIT | 2018-12-29 - 10:57 | over 5 years | |
2.0.4 | MIT | 2019-04-16 - 15:19 | about 5 years | |
2.0.5 | MIT | 2019-04-16 - 16:50 | about 5 years | |
2.0.1 | MIT | 2018-11-10 - 14:25 | over 5 years | |
2.0.3 | MIT | 2019-04-01 - 13:51 | about 5 years | |
2.0.7 | MIT | 2019-05-16 - 13:07 | about 5 years | |
2.1.0 | MIT | 2019-10-01 - 00:52 | over 4 years | |
2.1.1 | MIT | 2019-10-14 - 00:14 | over 4 years | |
2.1.2 | MIT | 2019-11-09 - 17:08 | over 4 years | |
2.0.6 | MIT | 2019-04-16 - 19:19 | about 5 years | |
1.2.11 | MIT | 2019-12-14 - 11:28 | over 4 years | |
1.2.12 | MIT | 2020-03-19 - 09:14 | about 4 years | |
2.1.3 | MIT | 2020-04-22 - 08:48 | about 4 years | |
1.2.13 | MIT | 2020-05-05 - 21:06 | about 4 years | |
2.2.0 | MIT | 2020-11-03 - 12:58 | over 3 years | |
2.2.1 | MIT | 2020-11-05 - 16:51 | over 3 years | |
2.2.2 | MIT | 2021-01-05 - 02:47 | over 3 years | |
2.3.0 | MIT | 2021-01-05 - 11:06 | over 3 years | |
2.3.1 | MIT | 2021-01-05 - 15:23 | over 3 years | |
2.3.2 | MIT | 2021-02-05 - 14:46 | over 3 years | |
2.3.3 | MIT | 2023-08-21 - 16:24 | 9 months |