Skip to main content

Serialize Javascript

2 CVEs product

Monthly

CVE-2020-7660 npm HIGH PATCH This Week

serialize-javascript prior to 3.1.0 allows remote attackers to inject arbitrary code via the function "deleteFunctions" within "index.js". Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

RCE Deserialization Serialize Javascript
NVD GitHub
CVSS 3.1
8.1
EPSS
3.0%
CVE-2019-16769 npm MEDIUM PATCH This Month

The serialize-javascript npm package before version 2.1.1 is vulnerable to Cross-site Scripting (XSS). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Node.js Serialize Javascript
NVD GitHub
CVSS 3.1
5.4
EPSS
1.0%
EPSS 3% CVSS 8.1
HIGH PATCH This Week

serialize-javascript prior to 3.1.0 allows remote attackers to inject arbitrary code via the function "deleteFunctions" within "index.js". Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

RCE Deserialization Serialize Javascript
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

The serialize-javascript npm package before version 2.1.1 is vulnerable to Cross-site Scripting (XSS). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Node.js Serialize Javascript
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy