The CVE DB is usually pretty backlogged. This[1] is the defacto NPM "CVE DB" and...

thephyber on July 12, 2018 | parent | context | favorite | on: ESLint compromised, may have stolen your credentia...

The CVE DB is usually pretty backlogged. This[1] is the defacto NPM "CVE DB" and describes the two modules[2][3] affected by this incident that ESLint and NPM acknowledge.

[1] https://nodesecurity.io/advisories

[2] https://nodesecurity.io/advisories/673

[3] https://nodesecurity.io/advisories/674