-react-file-list-components (=1.1.1), 00ld8nuivn (=2.1.0) +45876 more potentially affected by CVE-2026-34043 via serialize-javascript (>=5.0.0 <=7.0.4)

serialize-javascript NPM version =5.0.0, =0.1.0, =0.1.9 - 01dk01majk =2.1.0 - 02.aula =1.0.0 - 02rjq8i863 =1.1.0 - 02vx8qsp01 =2.1.0 - 05y6tjgmws =1.1.0 - 066m7q8o0z =2.1.0 - 06buj9h3su =2.1.0 - 06dre15t8r =2.1.0 - 06p998toez =0.1.0 - 07fgapmu9l =1.1.0 - 07t2xvu6t4 =2.1.0 and more Source cves:...

Allocation of Resources Without Limits or Throttling

Overview org.webjars.npm:serialize-javascript is a package to serialize JavaScript to a superset of JSON that includes regular expressions and functions. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the serialize function when...

EUVD-2020-0628

Malware in sbrugna...

EUVD-2019-0792

Malware in sbrugna...

CVE-2024-11831

CVE-2024-11831 is a deserialization/XSS issue in the npm-serialize-javascript package. The impact is described as attackers potentially executing malicious code when serialized data is deserialized by a web browser. Connected docs confirm multiple vendors referencing this CVE: IBM Storage Ceph St...

PT-2025-6048

Name of the Vulnerable Software and Affected Versions npm-serialize-javascript versions up to 6.0.1 Description The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to injec...

0x0.icu.anima (=0.1.0), 1.1.0 (=1.0.0) +15467 more potentially affected by CVE-2020-7660 via serialize-javascript (>=1.0.0 <=3.0.0)

serialize-javascript NPM version =1.0.0, =6.2.0, =0.1.0, =0.0.1, =2.0.0, =0.1.0, =1.0.1, =0.1.0, =0.24.0, =0.29.0 and more Source cves: CVE-2020-7660 Source advisory: OSV:GHSA-HXCC-F52P-WC94...