9.6 High
AI Score
Confidence
High
0.006 Low
EPSS
Percentile
78.8%
The package total4 before 0.0.43 are vulnerable to Arbitrary Code Execution via the U.set() and U.get() functions.
github.com/totaljs/framework4/blob/master/utils.js%23L5430-L5455
github.com/totaljs/framework4/commit/8a72d8c20f38bbcac031a76a51238aa528f68821
snyk.io/vuln/SNYK-JS-TOTAL4-1130527