Описание
seroval facilitates JS value stringification, including complex structures beyond JSON.stringify capabilities. In versions 1.4.0 and below, overriding encoded array lengths by replacing them with an excessively large value causes the deserialization process to significantly increase processing time. This issue has been fixed in version 1.4.1.
EPSS
Процентиль: 14%
0.00047
Низкий
7.5 High
CVSS3
Дефекты
CWE-770
Связанные уязвимости
CVSS3: 7.5
github
17 дней назад
Seroval affected by Denial of Service via Array serialization
EPSS
Процентиль: 14%
0.00047
Низкий
7.5 High
CVSS3
Дефекты
CWE-770