You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
js-deobfuscator is an A simple but powerful deobfuscator to remove common JavaScript obfuscation techniques. Open an issue if there is a feature you think should be implemented.
Affected versions of this package are vulnerable to Code Injection through crafted payloads targeting expression simplification. An attacker can execute arbitrary code by exploiting improperly handled input in the expression simplification feature.
Workaround
This vulnerability can be mitigated by disabling the expression simplification feature.
Remediation
Upgrade js-deobfuscator to version 1.1.0 or higher.
Detailed paths
Overview
js-deobfuscator is an A simple but powerful deobfuscator to remove common JavaScript obfuscation techniques. Open an issue if there is a feature you think should be implemented.
Affected versions of this package are vulnerable to Code Injection through crafted payloads targeting expression simplification. An attacker can execute arbitrary code by exploiting improperly handled input in the expression simplification feature.
Workaround
This vulnerability can be mitigated by disabling the expression simplification feature.
Remediation
Upgrade
js-deobfuscatorto version 1.1.0 or higher.References
SNYK-JS-JSDEOBFUSCATOR-7176000
(CVE-2024-36120) [email protected]
The text was updated successfully, but these errors were encountered: