serialize-javascript@1.7.0 vulnerabilities
Serialize JavaScript to a superset of JSON that includes regular expressions and functions.
-
latest version
6.0.2
-
latest non vulnerable version
-
first published
10 years ago
-
latest version published
4 months ago
-
licenses detected
- >=1.1.2
Direct Vulnerabilities
Known vulnerabilities in the serialize-javascript package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
serialize-javascript is a package to serialize JavaScript to a superset of JSON that includes regular expressions and functions. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to unsanitized URLs. An Attacker can introduce unsafe How to fix Cross-site Scripting (XSS)? Upgrade |
<6.0.2
|
serialize-javascript is a package to serialize JavaScript to a superset of JSON that includes regular expressions and functions. Affected versions of this package are vulnerable to Arbitrary Code Injection. An object like PoC
How to fix Arbitrary Code Injection? Upgrade |
<3.1.0
|
serialize-javascript is a package to serialize JavaScript to a superset of JSON that includes regular expressions and functions. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). It does not properly sanitize against unsafe characters in serialized regular expressions. This vulnerability is not affected on Node.js environment since Node.js's implementation of NOTE: This vulnerability has also been identified as: CVE-2019-16769 How to fix Cross-site Scripting (XSS)? Upgrade |
<2.1.1
|
serialize-javascript is a package to serialize JavaScript to a superset of JSON that includes regular expressions and functions. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). It does not properly sanitize against unsafe characters in serialized regular expressions. This vulnerability is not affected on Node.js environment since Node.js's implementation of NOTE: This vulnerability has also been identified as: CVE-2019-16772 How to fix Cross-site Scripting (XSS)? Upgrade |
<2.1.1
|