CVE-2023-1283: Improper Control of Generation of Code ('Code Injection')

March 9, 2023 (updated March 10, 2023)

Code Injection in GitHub repository builderio/qwik prior to 0.21.0.

References

github.com/advisories/GHSA-9wf9-qvvp-2929
github.com/builderio/qwik/commit/4d9ba6e098ae6e537aa55abb6b8369bb670ffe66
huntr.dev/bounties/63f1ff91-48f3-4886-a179-103f1ddd8ff8
nvd.nist.gov/vuln/detail/CVE-2023-1283

Detect and mitigate CVE-2023-1283 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →