CRITICAL
Serialize To Js Project
CVE published 2017-02-10
CVE-2017-5954
CVE-2017-5954 is a critical deserialization vulnerability in serialize-to-js 0.5.0 for Node.js. According to the NVD record, untrusted data passed to deserialize() can be abused to achieve arbitrary code execution, including by supplying a JavaScript object containing an immediately invoked function expression (IIFE). The issue was published on 2017-02-10 and remains recorded as modified in the NVD databa [truncated]