serialize-to-js@2.0.0 vulnerabilities
serialize objects to javascript
latest version
3.1.2
latest non vulnerable version
first published
9 years ago
latest version published
2 years ago
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the serialize-to-js package. This does not include vulnerabilities belonging to this package’s dependencies.
How to fix?
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free| Vulnerability | Vulnerable Version |
|---|---|
serialize-to-js is a package to serialize objects into a string while checking circular structures and respecting references. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). It does not properly sanitize against unsafe characters in serialized regular expressions. This vulnerability is not affected on Node.js environment since Node.js's implementation of NOTE: This vulnerability has also been identified as: CVE-2019-16769 How to fix Cross-site Scripting (XSS)? Upgrade | <3.0.1 |
serialize-to-js is a package to serialize objects into a string while checking circular structures and respecting references. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). It does not properly sanitize against unsafe characters in serialized regular expressions. This vulnerability is not affected on Node.js environment since Node.js's implementation of NOTE: This vulnerability has also been identified as: CVE-2019-16772 How to fix Cross-site Scripting (XSS)? Upgrade | <3.0.1 |