Verizon Serialize-javascript — known CVE vulnerabilities
Every CVE whose affected-product data names Verizon Serialize-javascript, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2020-7660 — CVSS 8.1 (high): serialize-javascript prior to 3.1.0 allows remote attackers to inject arbitrary code via the function "deleteFunctions" within "index.js".
CVE-2019-16769 — CVSS 4.2 (medium): The serialize-javascript npm package before version 2.1.1 is vulnerable to Cross-site Scripting (XSS). It does not properly mitigate…