CVE-2017-1001004

Published: Nov 27, 2017

Modified: Sep 16, 2024

PUBLISHED

Description

typed-function before 0.10.6 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could result arbitrary execution.

Vendor	Product	Versions
typed-function	typed-function	affected `0.10.6`

Weaknesses (CWE)

CWE-94

References

https://github.com/josdejong/typed-function/commit/6478ef4f2c3f3c2d9f2c820e2db4b4ba3425e6fe

x_refsource_CONFIRM

https://github.com/josdejong/typed-function/blob/master/HISTORY.md#2017-11-18-version-0106

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-1001004

Description

Affected Products

Weaknesses (CWE)

References