VYPR

npm package

node-serialize

pkg:npm/node-serialize

Vulnerabilities (1)

  • CVE-2017-5941CriFeb 9, 2017
    affected <= 0.0.4

    An issue was discovered in the node-serialize package 0.0.4 for Node.js. Untrusted data passed into the unserialize() function can be exploited to achieve arbitrary code execution by passing a JavaScript Object with an Immediately Invoked Function Expression (IIFE).