VYPR

npm package

dom-iterator

pkg:npm/dom-iterator

Vulnerabilities (1)

  • CVE-2024-21541HigNov 13, 2024
    affected < 1.0.1fixed 1.0.1

    Versions of the package dom-iterator before 1.0.1 are vulnerable to Arbitrary Code Execution due to use of the Function constructor without complete input sanitization. Function generates a new function body and thus care must be given to ensure that the inputs to Function are no