Количество 2
Количество 2
CVE-2017-5954
почти 9 лет назад
An issue was discovered in the serialize-to-js package 0.5.0 for Node.js. Untrusted data passed into the deserialize() function can be exploited to achieve arbitrary code execution by passing a JavaScript Object with an Immediately Invoked Function Expression (IIFE).
CVSS3: 9.8
EPSS: Низкий
GHSA-mm62-wxc8-cf7m
больше 7 лет назад
Code Execution Through IIFE in serialize-to-js
CVSS3: 9.8
EPSS: Низкий
Уязвимостей на страницу
20
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2017-5954 An issue was discovered in the serialize-to-js package 0.5.0 for Node.js. Untrusted data passed into the deserialize() function can be exploited to achieve arbitrary code execution by passing a JavaScript Object with an Immediately Invoked Function Expression (IIFE). | CVSS3: 9.8 | 0% Низкий | почти 9 лет назад |
| GHSA-mm62-wxc8-cf7m Code Execution Through IIFE in serialize-to-js | CVSS3: 9.8 | 0% Низкий | больше 7 лет назад |
Уязвимостей на страницу
20