alexghr (Alex Gherghisan) got-fetch 5.1.1 for Node.js
Approved changes feed: RSS · Atom
cpe:2.3:a:alexghr:got-fetch:5.1.1:*:*:*:*:node.js:*:*
part: a version: 5.1.1 update: *
| Vendor | Alexghr (217b7017-1b20-5faf-8758-3ae5d1fe5eae) |
|---|---|
| Product | Got Fetch (b7ae979f-986b-5533-8cd5-2026d6546dc9) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | node.js |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/alexghr/got-fetch |
purl2cpe | 2026-06-01 10:12:21.160336 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-54313 |
vulnerable | 2026-06-08 07:33:12.339790 |
Details available
HIGH (7.5)
eslint-config-prettier 8.10.1, 9.1.1, 10.1.6, and 10.1.7 has embedded malicious code for a supply chain compromise. Installing an affected package executes an install.js file that launches the node-gyp.dll malware on Windows.
Published: 2025-07-19T00:00:00.000Z
Updated: 2026-02-26T17:50:26.767Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.