Vulnerabilities > Totaljs > Total JS > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-07-12 CVE-2021-23389 Code Injection vulnerability in Totaljs Total.Js
The package total.js before 3.4.9 are vulnerable to Arbitrary Code Execution via the U.set() and U.get() functions.
network
low complexity
totaljs CWE-94
critical
 9.8
9.8
2021-03-04 CVE-2021-23344 Code Injection vulnerability in Totaljs Total.Js
The package total.js before 3.4.8 are vulnerable to Remote Code Execution (RCE) via set.
network
low complexity
totaljs CWE-94
critical
 9.8
9.8