Описание
replicator vulnerable to Deserialization of Untrusted Data
A deserialization issue discovered in inikulin replicator before 1.0.4 allows remote attackers to run arbitrary code via the fromSerializable function in TypedArray object.
Пакеты
Наименование
replicator
npm
Затронутые версииВерсия исправления
< 1.0.4
1.0.4
Связанные уязвимости
CVSS3: 9.8
nvd
около 3 лет назад
A deserialization issue discovered in inikulin replicator before 1.0.4 allows remote attackers to run arbitrary code via the fromSerializable function in TypedArray object.