10 matches found
EUVD-2024-3277
Malicious code in bioql PyPI...
dom-iterator code execution vulnerability
Versions of the package dom-iterator before 1.0.1 are vulnerable to Arbitrary Code Execution due to use of the Function constructor without complete input sanitization. Function generates a new function body and thus care must be given to ensure that the inputs to Function are not...
GHSA-JRVM-MCXC-MF6M dom-iterator code execution vulnerability
Versions of the package dom-iterator before 1.0.1 are vulnerable to Arbitrary Code Execution due to use of the Function constructor without complete input sanitization. Function generates a new function body and thus care must be given to ensure that the inputs to Function are not...
CVE-2024-21541
Versions of the package dom-iterator before 1.0.1 are vulnerable to Arbitrary Code Execution due to use of the Function constructor without complete input sanitization. Function generates a new function body and thus care must be given to ensure that the inputs to Function are not...
CVE-2024-21541
Versions of the package dom-iterator before 1.0.1 are vulnerable to Arbitrary Code Execution due to use of the Function constructor without complete input sanitization. Function generates a new function body and thus care must be given to ensure that the inputs to Function are not...
CVE-2024-21541
Versions of the package dom-iterator before 1.0.1 are vulnerable to Arbitrary Code Execution due to use of the Function constructor without complete input sanitization. Function generates a new function body and thus care must be given to ensure that the inputs to Function are not...
CVE-2024-21541
CVE-2024-21541 affects the npm package dom-iterator prior to version 1.0.1 . The vulnerability stems from use of the Function constructor without complete input sanitization, allowing an attacker-controlled input to generate a new function body, with risks similar to eval. This is corroborated by...
PT-2024-18954 · Unknown · Dom-Iterator
Name of the Vulnerable Software and Affected Versions: dom-iterator versions prior to 1.0.1 Description: The issue is related to Arbitrary Code Execution due to the use of the Function constructor without complete input sanitization. This allows an attacker to generate a new function body, posing...
npm dom-iterator 代码注入漏洞
npm dom-iterator is a feature-rich, fully tested iterator for traversing DOM nodes from US-based npm. A code injection vulnerability exists in npm dom-iterator that stems from the use of a Function constructor that does not fully filter input...
Arbitrary Code Execution
Overview dom-iterator is a feature-rich, well-tested Iterator for traversing DOM nodes. Affected versions of this package are vulnerable to Arbitrary Code Execution due to use of the Function constructor without complete input sanitization. Function generates a new function body and thus care mus...