org.webjars.npm:serialize-javascript@1.7.0 vulnerabilities
-
latest version
6.0.1
-
first published
7 years ago
-
latest version published
10 months ago
-
licenses detected
- [1.3.0,6.0.1)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.webjars.npm:serialize-javascript package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
org.webjars.npm:serialize-javascript is a package to serialize JavaScript to a superset of JSON that includes regular expressions and functions. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to unsanitized URLs. An Attacker can introduce unsafe How to fix Cross-site Scripting (XSS)? A fix was pushed into the |
[0,)
|
org.webjars.npm:serialize-javascript is a package to serialize JavaScript to a superset of JSON that includes regular expressions and functions. Affected versions of this package are vulnerable to Arbitrary Code Injection. An object like PoC
How to fix Arbitrary Code Injection? Upgrade |
[,3.1.0)
|
org.webjars.npm:serialize-javascript is a package to serialize JavaScript to a superset of JSON that includes regular expressions and functions. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). It does not properly sanitize against unsafe characters in serialized regular expressions. This vulnerability is not affected on Node.js environment since Node.js's implementation of NOTE: This vulnerability has also been identified as: CVE-2019-16769 How to fix Cross-site Scripting (XSS)? Upgrade |
[,2.1.2)
|
org.webjars.npm:serialize-javascript is a package to serialize JavaScript to a superset of JSON that includes regular expressions and functions. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). It does not properly sanitize against unsafe characters in serialized regular expressions. This vulnerability is not affected on Node.js environment since Node.js's implementation of NOTE: This vulnerability has also been identified as: CVE-2019-16772 How to fix Cross-site Scripting (XSS)? Upgrade |
[,2.1.2)
|