js-deobfuscator@1.0.17 vulnerabilities

A simple but powerful deobfuscator to remove common JavaScript obfuscation techniques. Open an issue if there is a feature you think should be implemented.

Direct Vulnerabilities

Known vulnerabilities in the js-deobfuscator package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Code Injection

js-deobfuscator is an A simple but powerful deobfuscator to remove common JavaScript obfuscation techniques. Open an issue if there is a feature you think should be implemented.

Affected versions of this package are vulnerable to Code Injection through crafted payloads targeting expression simplification. An attacker can execute arbitrary code by exploiting improperly handled input in the expression simplification feature.

How to fix Code Injection?

Upgrade js-deobfuscator to version 1.1.0 or higher.

<1.1.0