CVE-2022-21122

Posted on by admin

CVE-2022-21122

The package metacalc before 0.0.2 are vulnerable to Arbitrary Code Execution when it exposes JavaScript’s Math class to the v8 context. As the Math class is exposed to user-land, it can be used to get access to JavaScript’s Function constructor.

Source: CVE-2022-21122

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다