Components
Vulnerabilities
Pricing
MCP
API
Docs
Sign up
Login
binary-parser 2.0.3 | Vulnerabilities | Sonatype Guide
npm
binary-parser
2.0.3
binary-parser 2.0.3
Published
May 9, 2022
•
Policy
compliance
npm Registry
Developer Trust Score
N/A
Recommended Version:
x.y.z
Latest version with 0 known vulnerabilities that meets your policy.
Compare Versions
Overview
Overview
Versions
36
Versions
36
Vulnerabilities
1
Vulnerabilities
1
Dependencies
0
Dependencies
0
Reset filters
Severity
Critical
(0)
High
(0)
Medium
(1)
Low
(0)
CVSS Score
0.0
10.0
EPSS Score
0.0
1.0
Malware
KEV Status
Published
Filter
Sort: Published (Newest first)
6.9
CVE-2026-1245
A code injection vulnerability in the binary-parser library prior to version 2.3.0 allows arbitrary JavaScript code execution when untrusted values are used in parser field names or encoding parameters. The library directly interpolates these values into dynamically generated code without sanitization, enabling attackers to execute arbitrary code in the context of the Node.js process.
affected
Severity
Medium
Published
Jan 21, 2026
