Количество 2
Количество 2
CVE-2026-23736
seroval facilitates JS value stringification, including complex structures beyond JSON.stringify capabilities. In versions 1.4.0 and below, due to improper input validation, a malicious object key can lead to prototype pollution during JSON deserialization. This vulnerability affects only JSON deserialization functionality. This issue is fixed in version 1.4.1.
GHSA-hj76-42vx-jwp4
seroval Affected by Prototype Pollution via JSON Deserialization
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2026-23736 seroval facilitates JS value stringification, including complex structures beyond JSON.stringify capabilities. In versions 1.4.0 and below, due to improper input validation, a malicious object key can lead to prototype pollution during JSON deserialization. This vulnerability affects only JSON deserialization functionality. This issue is fixed in version 1.4.1. | CVSS3: 7.3 | 0% Низкий | 18 дней назад |
| GHSA-hj76-42vx-jwp4 seroval Affected by Prototype Pollution via JSON Deserialization | CVSS3: 7.3 | 0% Низкий | 18 дней назад |
Уязвимостей на страницу