CVE List

CVE-2021-23410

Severe 9.8

All versions of package msgpack are vulnerable to Deserialization of Untrusted Data via the unpack function. N.B: this affects the NPM package [msgpack](https://www.npmjs.com/package/msgpack) only, NOT the more popular package [@msgpack/msgpack](https://www.npmjs.com/package/@msgpack/msgpack).

Published July 21, 2021.

Affected software

Reference links

Sign Up for Alerts