Critical severity9.8NVD Advisory· Published Mar 4, 2021· Updated Jun 17, 2026
CVE-2021-23344
CVE-2021-23344
Description
The package total.js before 3.4.8 are vulnerable to Remote Code Execution (RCE) via set.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
total.jsnpm | < 3.4.8 | 3.4.8 |
Affected products
2- total.js/total.jsdescription
Patches
Vulnerability mechanics
References
4- github.com/totaljs/framework/commit/c812bbcab8981797d3a1b9993fc42dad3d246f04nvdPatchThird Party AdvisoryWEB
- snyk.io/vuln/SNYK-JS-TOTALJS-1077069nvdExploitPatchThird Party AdvisoryWEB
- github.com/advisories/GHSA-3wj8-vp9h-rm6mghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-23344ghsaADVISORY
News mentions
0No linked articles in our index yet.