Matthewmueller

matthewmueller

1 CVE • 1 product

Products (1)

Click to collapse

Toggle

Dom Iterator

dom-iterator

1 CVE

CVEs (1)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-21541 1Matthewmueller 1Dom Iterator Jun 17, 2026 Nov 13, 2024 5.5 MEDIUM· v4 9.8 CRITICAL· v3 N/A· v2 Versions of the package dom-iterator before 1.0.1 are vulnerable to Arbitrary Code Execution due to use of the Function constructor without complete input sanitization. Function generates a new function body and thus car...Show more Versions of the package dom-iterator before 1.0.1 are vulnerable to Arbitrary Code Execution due to use of the Function constructor without complete input sanitization. Function generates a new function body and thus care must be given to ensure that the inputs to Function are not attacker-controlled. The risks involved are similar to that of allowing attacker-controlled input to reach eval.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2024-21541

1Matthewmueller

1Dom Iterator

Jun 17, 2026

Nov 13, 2024

5.5 MEDIUM· v4

9.8 CRITICAL· v3

N/A· v2

Versions of the package dom-iterator before 1.0.1 are vulnerable to Arbitrary Code Execution due to use of the Function constructor without complete input sanitization. Function generates a new function body and thus care must be given to ensure that the inputs to Function are not attacker-controlled. The risks involved are similar to that of allowing attacker-controlled input to reach eval.Show less