Prototype Pollution

Overview @orpc/client is a Affected versions of this package are vulnerable to Prototype Pollution via the deserialize function in StandardRPCJsonSerializer. An attacker can inject arbitrary properties into the global Object.prototype by sending specially crafted payloads containing dangerous...

EUVD-2025-31172

Malicious code in bioql PyPI...

The vulnerability of the deserialize() function in the Jwcrypto Python library, which allows a hacker to trigger a denial-of-service attack.

The vulnerability of the deserialize function in the JavaScript library used by Jwcrypto for cryptography involves an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause service failure by sending a specially created JWE tok...

CVE-2022-28948

An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input...

CoAPthon Serialize.deserialize() method denial of service vulnerability

CoAPthon is an RFC compliant python library for the CoAP protocol. A denial of service vulnerability exists in the Serialize.deserialize method in CoAPthon 3 version 1.0 and version 1.0.1. An attacker can exploit the vulnerability to cause applications using this library e.g., standard coap serve...