Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2026-23957

Опубликовано: 22 янв. 2026
Источник: nvd
CVSS3: 7.5
EPSS Низкий

Описание

seroval facilitates JS value stringification, including complex structures beyond JSON.stringify capabilities. In versions 1.4.0 and below, overriding encoded array lengths by replacing them with an excessively large value causes the deserialization process to significantly increase processing time. This issue has been fixed in version 1.4.1.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:lxsmnsyc:seroval:*:*:*:*:*:*:*:*
Версия до 1.4.1 (исключая)

EPSS

Процентиль: 8%
0.00027
Низкий

7.5 High

CVSS3

Дефекты

CWE-770

Связанные уязвимости

redhat логотип

CVE-2026-23957

CVSS3: 7.5
redhat
2 месяца назад

seroval facilitates JS value stringification, including complex structures beyond JSON.stringify capabilities. In versions 1.4.0 and below, overriding encoded array lengths by replacing them with an excessively large value causes the deserialization process to significantly increase processing time. This issue has been fixed in version 1.4.1.

github логотип

GHSA-66fc-rw6m-c2q6

CVSS3: 7.5
github
2 месяца назад

Seroval affected by Denial of Service via Array serialization

EPSS

Процентиль: 8%
0.00027
Низкий

7.5 High

CVSS3

Дефекты

CWE-770