2 matches found
PT-2017-14251 · Unknown · Serialize-To-Js
Name of the Vulnerable Software and Affected Versions: serialize-to-js versions 1.1.1 and earlier
Description: The issue allows attackers to cause a denial of service via vectors involving an Immediately Invoked Function Expression "function" substring. This can be demonstrated by a...
Node-serialize Package For Node.js 'unserialize()' Function Arbitrary Code Execution Vulnerability
Node.js is an open source, cross-platform, runtime environment for server-side and web applications. Node.js has a security vulnerability in the node-serialize module that allows an attacker to execute arbitrary code via IIFE if the unserialize function input is not secure...