{"source":1113686,"name":"serialize-javascript","dependency":"serialize-javascript","title":"Serialize JavaScript is Vulnerable to RCE via RegExp.flags and Date.prototype.toISOString()","url":"https://github.com/advisories/GHSA-5c6j-r48x-rmvq","severity":"high","versions":["1.0.0","1.1.2","1.2.0","1.3.0","1.4.0","1.5.0","1.6.0","1.6.1","1.7.0","1.8.0","1.9.0","1.9.1","2.0.0","2.1.0","2.1.1","2.1.2","3.0.0","3.1.0","4.0.0","5.0.0","5.0.1","6.0.0","6.0.1","6.0.2","7.0.0","7.0.1","7.0.2","7.0.3","7.0.4"],"vulnerableVersions":["1.0.0","1.1.2","1.2.0","1.3.0","1.4.0","1.5.0","1.6.0","1.6.1","1.7.0","1.8.0","1.9.0","1.9.1","2.0.0","2.1.0","2.1.1","2.1.2","3.0.0","3.1.0","4.0.0","5.0.0","5.0.1","6.0.0","6.0.1","6.0.2","7.0.0","7.0.1","7.0.2"],"cwe":["CWE-96"],"cvss":{"score":8.1,"vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},"range":"<=7.0.2","id":"VNhzhjSQJJPSfVWQUXMpEy6hsW23faurQllLlGbSJ7QrUHjncb9PKDTQYw8APRVBzMug+7YJc5EWXV6SYvPIiw=="}