Critical severityNVD Advisory· Published Dec 15, 2022· Updated Apr 21, 2025
CVE-2021-33420
CVE-2021-33420
Description
A deserialization issue discovered in inikulin replicator before 1.0.4 allows remote attackers to run arbitrary code via the fromSerializable function in TypedArray object.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
replicatornpm | < 1.0.4 | 1.0.4 |
Affected products
2Patches
Vulnerability mechanics
References
6- github.com/advisories/GHSA-hw46-vg6w-88fjghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-33420ghsaADVISORY
- advisory.checkmarx.net/advisory/CX-2021-4787ghsaWEB
- github.com/inikulin/replicator/commit/2c626242fb4a118855262c64b5731b2ce98e521bghsaWEB
- github.com/inikulin/replicator/issues/16ghsaWEB
- github.com/inikulin/replicator/pull/17ghsaWEB
News mentions
0No linked articles in our index yet.