CVE-2017-1001004

Summary

typed-function before 0.10.6 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could result arbitrary execution.

Affected Software

VendorProductVersion RangeStatus
typed-functiontyped-function0.10.6affected

Weaknesses

  • CWE-94: CWE-94: Improper Control of Generation of Code ('Code Injection')

ADP Enrichment

CVE Program Container

Additional References

References