pkg:npm/crypto-js

2 total CVEsCRITICAL1MEDIUM1

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.1CVE-2023-46233crypto-js PBKDF2 1,000 times weaker than specified in 1993 and 1.3M times weaker than current standard
    from 0, < 4.2.0
  • MEDIUM5.3CVE-2020-36732crypto-js uses insecure random numbers
    >= 3.2.0, < 3.2.1