Количество 2
Количество 2
CVE-2017-5941
почти 9 лет назад
An issue was discovered in the node-serialize package 0.0.4 for Node.js. Untrusted data passed into the unserialize() function can be exploited to achieve arbitrary code execution by passing a JavaScript Object with an Immediately Invoked Function Expression (IIFE).
CVSS3: 9.8
EPSS: Высокий
GHSA-q4v7-4rhw-9hqm
больше 7 лет назад
Code Execution through IIFE in node-serialize
CVSS3: 9.8
EPSS: Высокий
Уязвимостей на страницу
20
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2017-5941 An issue was discovered in the node-serialize package 0.0.4 for Node.js. Untrusted data passed into the unserialize() function can be exploited to achieve arbitrary code execution by passing a JavaScript Object with an Immediately Invoked Function Expression (IIFE). | CVSS3: 9.8 | 78% Высокий | почти 9 лет назад |
| GHSA-q4v7-4rhw-9hqm Code Execution through IIFE in node-serialize | CVSS3: 9.8 | 78% Высокий | больше 7 лет назад |
Уязвимостей на страницу
20