VYPR

Node Serialize

by Node Serialize Project

CVEs (1)

  • CVE-2017-5941CriFeb 9, 2017
    risk 0.72cvss 9.8epss 0.61

    An issue was discovered in the node-serialize package 0.0.4 for Node.js. Untrusted data passed into the unserialize() function can be exploited to achieve arbitrary code execution by passing a JavaScript Object with an Immediately Invoked Function Expression (IIFE).