Skip to content

Security issue serialize-javascript prior to 3.1.0 allows remote attackersΒ #17912

New issue
New issue
Closed
#17917
#17918
Closed
Security issue serialize-javascript prior to 3.1.0 allows remote attackers#17912
#17917
#17918
Labels
area: @angular-devkit/build-angularfreq3: highseverity6: securitytype: bug/fix
Milestone
Β 
Backlog
@marinaua

Description

@marinaua
marinaua
opened on Jun 11, 2020

πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘

@angular-devkit/build-angular/0.901.8 Β» terser-webpack-plugin/2.3.5
Β» serialize-javascript/2.1.2

serialize-javascript prior to 3.1.0 allows remote attackers to inject arbitrary code via the function "deleteFunctions" within "index.js".

πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘πŸ›‘

Metadata

Metadata

Assignees

No one assigned

    Labels

    area: @angular-devkit/build-angularfreq3: highseverity6: securitytype: bug/fix

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions