exploitDog

CVE-2025-54313

Опубликовано: 19 июл. 2025

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

eslint-config-prettier 8.10.1, 9.1.1, 10.1.6, and 10.1.7 has embedded malicious code for a supply chain compromise. Installing an affected package executes an install.js file that launches the node-gyp.dll malware on Windows.

Ссылки

EPSS

Процентиль: 3%

0.00015

Низкий

7.5 High

CVSS3

Дефекты

CWE-506

Связанные уязвимости

CVE-2025-54313

CVSS3: 7.5

redhat

5 месяцев назад

eslint-config-prettier 8.10.1, 9.1.1, 10.1.6, and 10.1.7 has embedded malicious code for a supply chain compromise. Installing an affected package executes an install.js file that launches the node-gyp.dll malware on Windows.

GHSA-f29h-pxvx-f335

CVSS3: 7.5

github

5 месяцев назад

eslint-config-prettier, eslint-plugin-prettier, synckit, @pkgr/core, napi-postinstall have embedded malicious code

EPSS

Процентиль: 3%

0.00015

Низкий

7.5 High

CVSS3

Дефекты

CWE-506