@babel/core: Arbitrary File Read via sourceMappingURL Comment
Using @babel/core to compile maliciously crafted code can allow ab attacker to read any source map from the system that is running Babel, if these conditions are all true: the attacker controls the input source code the attacker can read the output source code the attacker knows the path of the source map file that they want to read Users that only compile trusted code are not impacted.