Security
Headlines

Headlines Latest CVEs

Headline

GHSA-3j22-8qj3-26mx: Seroval affected by Denial of Service via Deeply Nested Objects

Serialization of objects with extreme depth can exceed the maximum call stack limit.

Mitigation:
Seroval introduces a depthLimit parameter in serialization/deserialization methods. An error will be thrown if the depth limit is reached.

17 hours ago

#dos #nodejs #git #intel

Skip to content

Navigation Menu

- AI CODE CREATION
  - GitHub CopilotWrite better code with AI
  - GitHub SparkBuild and deploy intelligent apps
  - GitHub ModelsManage and compare prompts
  - MCP RegistryNewIntegrate external tools

View all features

Pricing

Provide feedback

Saved searches****Use saved searches to filter your results more quickly

Sign up

Appearance settings

GitHub Advisory Database
GitHub Reviewed
CVE-2026-24006

Seroval affected by Denial of Service via Deeply Nested Objects

High severity GitHub Reviewed Published Jan 21, 2026 in lxsmnsyc/seroval • Updated Jan 22, 2026

Package

npm seroval (npm)

Affected versions

<= 1.4.0

Description

Published to the GitHub Advisory Database

Jan 22, 2026

Last updated

Jan 22, 2026

EPSS score

ghsa: Latest News

GHSA-cq3j-qj2h-6rv3: Container and Containerization archive extraction does not guard against escapes from extraction base directory.

13 hours ago

GHSA-jp3q-wwp3-pwv9: Freeform Craft Plugin CP UI (builder/integrations) has Stored Cross-Site Scripting (XSS) issue

14 hours ago

GHSA-vqxh-445g-37fc: Spring Security has a broken timing attack mitigation implemented in DaoAuthenticationProvide

14 hours ago

GHSA-fcv2-xgw5-pqxf: sigstore legacy TUF client allows for arbitrary file writes with target cache path traversal

15 hours ago

GHSA-7f67-crqm-jgh7: Incus container image templating arbitrary host file read and write

15 hours ago