漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
javascript-deobfuscator crafted payload can lead to code execution
Vulnerability Description
javascript-deobfuscator removes common JavaScript obfuscation techniques. In affected versions crafted payloads targeting expression simplification can lead to code execution. This issue has been patched in version 1.1.0. Users are advised to update. Users unable to upgrade should disable the expression simplification feature.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
对生成代码的控制不恰当(代码注入)
Vulnerability Title
JavaScript deobfuscator 安全漏洞
Vulnerability Description
JavaScript deobfuscator是Ben个人开发者的一个简单但功能强大的反混淆器。 JavaScript deobfuscator 1.1.0之前版本存在安全漏洞,该漏洞源于针对表达式简化的精心设计的有效载荷可能会导致代码执行。
CVSS Information
N/A
Vulnerability Type
N/A