90 matches found
serialize-javascript: serialize-javascript: Denial of Service via specially crafted array-like object serialization
A flaw was found in serialize-javascript. An attacker can exploit this vulnerability by providing a specially crafted "array-like" object with an excessively large length property during the serialization process. This action causes the application to enter an intensive loop, leading to 100% CPU...
serialize-javascript: serialize-javascript: Denial of Service via specially crafted array-like object serialization
A flaw was found in serialize-javascript. An attacker can exploit this vulnerability by providing a specially crafted "array-like" object with an excessively large length property during the serialization process. This action causes the application to enter an intensive loop, leading to 100% CPU...
serialize-javascript: serialize-javascript: Denial of Service via specially crafted array-like object serialization
A flaw was found in serialize-javascript. An attacker can exploit this vulnerability by providing a specially crafted "array-like" object with an excessively large length property during the serialization process. This action causes the application to enter an intensive loop, leading to 100% CPU...
ROOT-APP-NPM-GHSA-5C6J-R48X-RMVQ GHSA-5c6j-r48x-rmvq in @rootio/serialize-javascript - Patched by Root
Root has patched GHSA-5c6j-r48x-rmvq in the @rootio/serialize-javascript package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-34043 CVE-2026-34043 in @rootio/serialize-javascript - Patched by Root
Root has patched CVE-2026-34043 in the @rootio/serialize-javascript package for Root:npm. Multiple fixed versions available...
RockyLinux 10 : .NET 8.0 (RLSA-2026:21286)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:21286 advisory. serialize-javascript: serialize-javascript: Denial of Service via specially crafted array-like object serialization CVE-2026-34043 dotnet: .NET: infini...
MiracleLinux 8 : dotnet8.0-8.0.127-1.el8_10.ML.1 (AXSA:2026-756:09)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-756:09 advisory. serialize-javascript: serialize-javascript: Denial of Service via specially crafted array-like object serialization CVE-2026-34043 dotnet: .NET:...
RLSA-2026:21293 Important: .NET 8.0 security update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.127 and .NET Runtime...
RockyLinux 9 : .NET 8.0 (RLSA-2026:21293)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:21293 advisory. serialize-javascript: serialize-javascript: Denial of Service via specially crafted array-like object serialization CVE-2026-34043 dotnet: .NET: infinit...
RockyLinux 8 : .NET 8.0 (RLSA-2026:21291)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:21291 advisory. serialize-javascript: serialize-javascript: Denial of Service via specially crafted array-like object serialization CVE-2026-34043 dotnet: .NET: infinit...
AlmaLinux 8 : .NET 8.0 (ALSA-2026:21291)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:21291 advisory. serialize-javascript: serialize-javascript: Denial of Service via specially crafted array-like object serialization CVE-2026-34043 dotnet: .NET: infinite...
AlmaLinux 9 : .NET 8.0 (ALSA-2026:21293)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:21293 advisory. serialize-javascript: serialize-javascript: Denial of Service via specially crafted array-like object serialization CVE-2026-34043 dotnet: .NET: infinite...
AlmaLinux 10 : .NET 8.0 (ALSA-2026:21286)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:21286 advisory. serialize-javascript: serialize-javascript: Denial of Service via specially crafted array-like object serialization CVE-2026-34043 dotnet: .NET: infinit...
serialize-javascript: serialize-javascript: Denial of Service via specially crafted array-like object serialization
A flaw was found in serialize-javascript. An attacker can exploit this vulnerability by providing a specially crafted "array-like" object with an excessively large length property during the serialization process. This action causes the application to enter an intensive loop, leading to 100% CPU...
serialize-javascript: serialize-javascript: Denial of Service via specially crafted array-like object serialization
A flaw was found in serialize-javascript. An attacker can exploit this vulnerability by providing a specially crafted "array-like" object with an excessively large length property during the serialization process. This action causes the application to enter an intensive loop, leading to 100% CPU...
serialize-javascript: serialize-javascript: Denial of Service via specially crafted array-like object serialization
A flaw was found in serialize-javascript. An attacker can exploit this vulnerability by providing a specially crafted "array-like" object with an excessively large length property during the serialization process. This action causes the application to enter an intensive loop, leading to 100% CPU...
ALSA-2026:21293 Important: .NET 8.0 security update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.127 and .NET Runtime...
Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands are vulnerable to denial of service (CVE-2026-34043)
Summary Node.js module serialize-javascript is used by IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container DesignerAuthoring operands are vulnerable to denial of service. This bulletin provides patch information to address the reported vulnerability in...
CVE-2026-34043
A flaw was found in serialize-javascript. An attacker can exploit this vulnerability by providing a specially crafted "array-like" object with an excessively large length property during the serialization process. This action causes the application to enter an intensive loop, leading to 100% CPU...
CVE-2026-34043
CVE-2026-34043 affects the Node.js module serialize-javascript. The vulnerability causes a DoS via CPU exhaustion when serializing a specially crafted array-like object with a very large length, leading to a 100% CPU loop and hang. This is fixed in version 7.0.5; affected deployments should upgra...