CVE-2017-5941 in node-serialize Packageinformazioni

Riassunto

di MITRE

An issue was discovered in the node-serialize package 0.0.4 for Node.js. Untrusted data passed into the unserialize() function can be exploited to achieve arbitrary code execution by passing a JavaScript Object with an Immediately Invoked Function Expression (IIFE).

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Prenotare

09/02/2017

Divulgazione

09/02/2017

Moderazione

accettato

CPE

pronto

Sfruttamento

Scaricare

EPSS

0.61025

KEV

no

Attività

molto basso

Fonti

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!