Lucene search
+L

10 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-3277

Malicious code in bioql PyPI...

9.8CVSS6.4AI score0.01052EPSS
Exploits1References5
osv
osv
added 2024/11/13 6:30 a.m.9 views

GHSA-JRVM-MCXC-MF6M dom-iterator code execution vulnerability

Versions of the package dom-iterator before 1.0.1 are vulnerable to Arbitrary Code Execution due to use of the Function constructor without complete input sanitization. Function generates a new function body and thus care must be given to ensure that the inputs to Function are not...

7.3CVSS8.5AI score0.01052EPSS
Exploits1References5
github
github
added 2024/11/13 6:30 a.m.18 views

dom-iterator code execution vulnerability

Versions of the package dom-iterator before 1.0.1 are vulnerable to Arbitrary Code Execution due to use of the Function constructor without complete input sanitization. Function generates a new function body and thus care must be given to ensure that the inputs to Function are not...

9.8CVSS8.5AI score0.01052EPSS
Exploits1References5Affected Software1
nvd
nvd
added 2024/11/13 5:15 a.m.14 views

CVE-2024-21541

Versions of the package dom-iterator before 1.0.1 are vulnerable to Arbitrary Code Execution due to use of the Function constructor without complete input sanitization. Function generates a new function body and thus care must be given to ensure that the inputs to Function are not...

9.8CVSS0.01052EPSS
Exploits1References3
cve
cve
added 2024/11/13 5:0 a.m.84 views

CVE-2024-21541

CVE-2024-21541 affects the npm package dom-iterator prior to version 1.0.1 . The vulnerability stems from use of the Function constructor without complete input sanitization, allowing an attacker-controlled input to generate a new function body, with risks similar to eval. This is corroborated by...

9.8CVSS8.6AI score0.01052EPSS
Exploits1References3Affected Software1
vulnrichment
vulnrichment
added 2024/11/13 5:0 a.m.11 views

CVE-2024-21541

Versions of the package dom-iterator before 1.0.1 are vulnerable to Arbitrary Code Execution due to use of the Function constructor without complete input sanitization. Function generates a new function body and thus care must be given to ensure that the inputs to Function are not...

7.3CVSS8.6AI score0.01052EPSS
Exploits1References3
cvelist
cvelist
added 2024/11/13 5:0 a.m.21 views

CVE-2024-21541

Versions of the package dom-iterator before 1.0.1 are vulnerable to Arbitrary Code Execution due to use of the Function constructor without complete input sanitization. Function generates a new function body and thus care must be given to ensure that the inputs to Function are not...

7.3CVSS0.01052EPSS
Exploits1References3
cnnvd
cnnvd
added 2024/11/13 12:0 a.m.3 views

npm dom-iterator 代码注入漏洞

npm dom-iterator is a feature-rich, fully tested iterator for traversing DOM nodes from US-based npm. A code injection vulnerability exists in npm dom-iterator that stems from the use of a Function constructor that does not fully filter input...

9.8CVSS7.2AI score0.01052EPSS
Exploits1References4
ptsecurity
ptsecurity
added 2024/11/13 12:0 a.m.12 views

PT-2024-18954 · Unknown · Dom-Iterator

Name of the Vulnerable Software and Affected Versions: dom-iterator versions prior to 1.0.1 Description: The issue is related to Arbitrary Code Execution due to the use of the Function constructor without complete input sanitization. This allows an attacker to generate a new function body, posing...

9.8CVSS7.6AI score0.01052EPSS
Exploits1References12
snyk
snyk
added 2024/01/15 3:6 p.m.4 views

Arbitrary Code Execution

Overview dom-iterator is a feature-rich, well-tested Iterator for traversing DOM nodes. Affected versions of this package are vulnerable to Arbitrary Code Execution due to use of the Function constructor without complete input sanitization. Function generates a new function body and thus care mus...

9.8CVSS7.6AI score0.01052EPSS
Exploits1References2
Rows per page
Query Builder