EPSS
Percentile
83.2%
replicator is vulnerable to untrusted data deserialization. The vulnerability exists in the fromSerializable function in TypedArray object which allows a remote attacker to run arbitrary code due to an improper deserialization mechanism.
fromSerializable
TypedArray
advisory.checkmarx.net/advisory/CX-2021-4787
github.com/advisories/GHSA-hw46-vg6w-88fj
github.com/inikulin/replicator/commit/2c626242fb4a118855262c64b5731b2ce98e521b
github.com/inikulin/replicator/issues/16
github.com/inikulin/replicator/pull/17