CVE-2021-33420

Published: Dec 15, 2022

Modified: Apr 21, 2025

PUBLISHED

Description

A deserialization issue discovered in inikulin replicator before 1.0.4 allows remote attackers to run arbitrary code via the fromSerializable function in TypedArray object.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/inikulin/replicator/issues/16

https://github.com/inikulin/replicator/pull/17

https://github.com/inikulin/replicator/commit/2c626242fb4a118855262c64b5731b2ce98e521b

https://advisory.checkmarx.net/advisory/CX-2021-4787

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-33420

Description

Affected Products

References