CNNVD-202601-4378 Information
Jan 26, 2026
cve
CNNVD ID
CNNVD-202601-4378
Related CVE
- CNNVD Published: 2026-01-26
Description (Chinese)
ESLint是ESLint开源的一个查找并修复JavaScript代码中的问题的工具。 ESLint 9.26.0之前版本存在安全漏洞,该漏洞源于序列化具有循环引用的对象时进入无限递归,可能导致栈溢出。
Description (English)
ESLint is a tool for finding and repairing problems in the JavaScript code from the ESLint open source. The previous version of ESLint 9.26.0 had a security loophole, which originated in the infinity of the return when sequenced objects had a circular reference, which could lead to spills.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
ESLint
Published
2026-01-26
Last Modified
2026-02-24
References
https://gist.github.com/lyyffee/2ee1815e5c2da82c05e9838b9bfefbbc https://github.com/eslint/eslint/issues/19646
Patch
https://github.com/eslint/eslint/releases
Share on: