CVE-2026-34043 in yahoo serialize-javascript정보

요약 (영어)

Serialize JavaScript to a superset of JSON that includes regular expressions and functions. Prior to version 7.0.5, there is a Denial of Service (DoS) vulnerability caused by CPU exhaustion. When serializing a specially crafted "array-like" object (an object that inherits from Array.prototype but has a very large length property), the process enters an intensive loop that consumes 100% CPU and hangs indefinitely. This issue has been patched in version 7.0.5.

책임이 있는

GitHub_M

예약하다

2026. 03. 25.

공개

2026. 03. 31.

엔트리

VulDB provides additional information and datapoints for this CVE:

아이디	취약성	CWE	악용	대책	CVE
354311	yahoo serialize-javascript Regular Expression 서비스 거부	400	정의되지 않음	공식 수정	CVE-2026-34043

설명

CPE

CWE

CVSS

익스플로잇

역사

차이

연결하다

위협 인텔리전스

API JSON

API XML

API CSV

◂ 이전개요다음 ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!