CVE-2026-34043 in yahoo serialize-javascript情報

要約 (英語)

Serialize JavaScript to a superset of JSON that includes regular expressions and functions. Prior to version 7.0.5, there is a Denial of Service (DoS) vulnerability caused by CPU exhaustion. When serializing a specially crafted "array-like" object (an object that inherits from Array.prototype but has a very large length property), the process enters an intensive loop that consumes 100% CPU and hangs indefinitely. This issue has been patched in version 7.0.5.

責任者

GitHub_M

予約する

2026年03月25日

公開

2026年03月31日

エントリ

VulDB provides additional information and datapoints for this CVE:

識別子脆弱性CWE悪用可対策CVE
354311yahoo serialize-javascript Regular Expression サービス拒否400未定義公式な修正CVE-2026-34043

説明

CPE

CWE

CVSS

エクスプロイト

履歴

差分

リンクする

脅威インテリジェンス

API JSON

API XML

API CSV

概要

Want to stay up to date on a daily basis?

Enable the mail alert feature now!