{"source":1119440,"name":"serialize-javascript","dependency":"serialize-javascript","title":"Serialize JavaScript has CPU Exhaustion Denial of Service via crafted array-like objects","url":"https://github.com/advisories/GHSA-qj8w-gfj5-8c6v","severity":"moderate","versions":["1.0.0","1.1.2","1.2.0","1.3.0","1.4.0","1.5.0","1.6.0","1.6.1","1.7.0","1.8.0","1.9.0","1.9.1","2.0.0","2.1.0","2.1.1","2.1.2","3.0.0","3.1.0","4.0.0","5.0.0","5.0.1","6.0.0","6.0.1","6.0.2","7.0.0","7.0.1","7.0.2","7.0.3","7.0.4","7.0.5","7.0.6","7.0.7"],"vulnerableVersions":["5.0.0","5.0.1","6.0.0","6.0.1","6.0.2","7.0.0","7.0.1","7.0.2","7.0.3","7.0.4"],"cwe":["CWE-400","CWE-834"],"cvss":{"score":5.9,"vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},"range":">=5.0.0 <7.0.5","id":"AXu6GbGffgCqt+tbGbSoRSAR0ToZne3j6Lbwdc0JXWi9sTeKSvN+XJG9k0/7+xBON2qXnfDWEmsTf+PcRcH/6Q=="}