Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
serialize-to-js project serialize-to-js vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-16772
The serialize-to-js NPM package before version 3.0.1 is vulnerable to Cross-site Scripting (XSS). It does not properly mitigate against unsafe characters in serialized regular expressions. This vulnerability is not affected on Node.js environment since Node.js's implementati...
Serialize-to-js Project Serialize-to-js
7.5
CVSSv3
CVE-2017-15871
The deserialize function in serialize-to-js up to and including 1.1.1 allows malicious users to cause a denial of service via vectors involving an Immediately Invoked Function Expression "function()" substring, as demonstrated by a "function(){console.log(" ca...
Serialize-to-js Project Serialize-to-js
9.8
CVSSv3
CVE-2017-5954
An issue exists in the serialize-to-js package 0.5.0 for Node.js. Untrusted data passed into the deserialize() function can be exploited to achieve arbitrary code execution by passing a JavaScript Object with an Immediately Invoked Function Expression (IIFE).
Serialize-to-js Project Serialize-to-js 0.5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started