CVE-2023-45133CRITICAL≥ 0, < 7.23.2·≥ 8.0.0-alpha.0, < 8.0.0-alpha.42023-10-16
CVE-2023-45133 [CRITICAL] CWE-184 Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code
Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code
### Impact
Using Babel to compile code that was specifically crafted by an attacker can lead to arbitrary code execution during compilation, when using plugins that rely on the `path.evaluate()`or `path.evaluateTruthy()` internal Babel methods.
Known affected plugins are
ghsaosv