[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-11831":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":44,"aliases":45,"duplicate_of":9,"upstream":47,"downstream":48,"duplicates":63,"related":64,"reserved_at":9,"published_at":69,"modified_at":70,"state":71,"summary":72,"references_raw":81,"kevs":199,"epss":200,"epss_history":203,"metrics":474,"affected":484},"CVE-2024-11831","A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to inject malicious code. This code could be executed when deserialized by a web browser, causing Cross-site scripting (XSS) attacks. This issue is critical in environments where serialized data is sent to web clients, potentially compromising the security of the website or web application using this package.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-79","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.","weakness","Stable","Base","High",[20,24,28,32,36,40],{"id":21,"name":22,"techniques":23},"CAPEC-209","XSS Using MIME Type Mismatch",[],{"id":25,"name":26,"techniques":27},"CAPEC-588","DOM-Based XSS",[],{"id":29,"name":30,"techniques":31},"CAPEC-591","Reflected XSS",[],{"id":33,"name":34,"techniques":35},"CAPEC-592","Stored XSS",[],{"id":37,"name":38,"techniques":39},"CAPEC-63","Cross-Site Scripting (XSS)",[],{"id":41,"name":42,"techniques":43},"CAPEC-85","AJAX Footprinting",[],[],[46],"GHSA-76p7-773f-r4q5",[],[49,51,53,55,57,59,61],{"_key":50},"DEBIAN-CVE-2024-11831",{"_key":52},"UBUNTU-CVE-2024-11831",{"_key":54},"RHBA-2025:0304",{"_key":56},"RHSA-2025:0381",{"_key":58},"RHSA-2025:21068",{"_key":60},"RHSA-2026:1536",{"_key":62},"RHSA-2026:2769",[],[65,67],{"_key":66},"CGA-72HF-GJP2-M4HX",{"_key":68},"CGA-GX64-2VH6-659Q","2025-02-10T15:27:46.732Z","2026-06-02T17:51:51.161Z","Deferred",{"cisa_kev":73,"cisa_ransomware":73,"cisa_vendor":9,"epss_severity":74,"epss_score":75,"severity":76,"severity_score":77,"severity_version":78,"severity_source":79,"severity_vector":80,"severity_status":71},false,"low",0.01129,"medium",5.4,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",[82,91,95,99,103,107,111,115,119,123,127,131,135,139,143,147,151,155,159,164,169,173,177,182,186,191,195],{"url":83,"sources":84,"tags":87},"https://access.redhat.com/errata/RHBA-2025:0304",[79,85,86],"nvd","osv_npm",[88,89,90],"Vendor Advisory","X Refsource REDHAT","WEB",{"url":92,"sources":93,"tags":94},"https://access.redhat.com/errata/RHSA-2025:0381",[79,85,86],[88,89,90],{"url":96,"sources":97,"tags":98},"https://access.redhat.com/errata/RHSA-2025:10853",[79,85,86],[88,89,90],{"url":100,"sources":101,"tags":102},"https://access.redhat.com/errata/RHSA-2025:1334",[79,85,86],[88,89,90],{"url":104,"sources":105,"tags":106},"https://access.redhat.com/errata/RHSA-2025:1468",[79,85,86],[88,89,90],{"url":108,"sources":109,"tags":110},"https://access.redhat.com/errata/RHSA-2025:21068",[79,85,86],[88,89,90],{"url":112,"sources":113,"tags":114},"https://access.redhat.com/errata/RHSA-2025:21203",[79,85,86],[88,89,90],{"url":116,"sources":117,"tags":118},"https://access.redhat.com/errata/RHSA-2025:3870",[79,85,86],[88,89,90],{"url":120,"sources":121,"tags":122},"https://access.redhat.com/errata/RHSA-2025:4511",[79,85,86],[88,89,90],{"url":124,"sources":125,"tags":126},"https://access.redhat.com/errata/RHSA-2025:8059",[79,85,86],[88,89,90],{"url":128,"sources":129,"tags":130},"https://access.redhat.com/errata/RHSA-2025:8078",[79,85,86],[88,89,90],{"url":132,"sources":133,"tags":134},"https://access.redhat.com/errata/RHSA-2025:8233",[79,85,86],[88,89,90],{"url":136,"sources":137,"tags":138},"https://access.redhat.com/errata/RHSA-2025:8479",[79,85,86],[88,89,90],{"url":140,"sources":141,"tags":142},"https://access.redhat.com/errata/RHSA-2025:8512",[79,85,86],[88,89,90],{"url":144,"sources":145,"tags":146},"https://access.redhat.com/errata/RHSA-2025:8544",[79,85,86],[88,89,90],{"url":148,"sources":149,"tags":150},"https://access.redhat.com/errata/RHSA-2025:8551",[79,85,86],[88,89,90],{"url":152,"sources":153,"tags":154},"https://access.redhat.com/errata/RHSA-2025:9294",[79,85,86],[88,89,90],{"url":156,"sources":157,"tags":158},"https://access.redhat.com/errata/RHSA-2026:1536",[79,85,86],[88,89,90],{"url":160,"sources":161,"tags":162},"https://access.redhat.com/security/cve/CVE-2024-11831",[79,85,86],[163,89,90],"VDB Entry",{"url":165,"sources":166,"tags":167},"https://bugzilla.redhat.com/show_bug.cgi?id=2312579",[79,85,86],[168,89,90],"Issue Tracking",{"url":170,"sources":171,"tags":172},"https://github.com/yahoo/serialize-javascript/commit/f27d65d3de42affe2aac14607066c293891cec4e",[79,85,86],[90],{"url":174,"sources":175,"tags":176},"https://github.com/yahoo/serialize-javascript/pull/173",[79,85,86],[90],{"url":178,"sources":179,"tags":180},"https://nvd.nist.gov/vuln/detail/CVE-2024-11831",[86],[181],"Advisory",{"url":183,"sources":184,"tags":185},"https://github.com/yahoo/serialize-javascript/commit/7f3ac252d86b802454cb43782820aea2e0f6dc25",[86],[90],{"url":187,"sources":188,"tags":189},"https://github.com/yahoo/serialize-javascript",[86],[190],"PACKAGE",{"url":192,"sources":193,"tags":194},"https://access.redhat.com/errata/RHSA-2026:2769",[79,85,86],[88,89,90],{"url":196,"sources":197,"tags":198},"https://access.redhat.com/errata/RHSA-2026:8568",[79,85,86],[88,89,90],[],{"date":201,"score":75,"percentile":202},"2026-06-04",0.78647,[204,208,211,215,218,221,224,227,229,233,237,240,243,246,249,253,256,259,262,264,267,270,274,277,281,284,287,289,292,295,297,300,303,306,310,313,316,319,322,325,328,331,333,336,339,342,345,348,351,354,357,360,363,366,369,372,375,378,381,384,387,390,393,396,399,402,405,408,411,414,417,420,422,425,428,431,434,437,439,442,445,448,451,454,457,460,462,466,468,471],{"date":205,"score":206,"percentile":207},"2025-11-04",0.00696,0.71137,{"date":209,"score":206,"percentile":210},"2025-11-05",0.71122,{"date":212,"score":213,"percentile":214},"2025-11-06",0.01028,0.76596,{"date":216,"score":213,"percentile":217},"2025-11-07",0.7661,{"date":219,"score":213,"percentile":220},"2025-11-08",0.76613,{"date":222,"score":213,"percentile":223},"2025-11-09",0.76609,{"date":225,"score":213,"percentile":226},"2025-11-10",0.76592,{"date":228,"score":213,"percentile":214},"2025-11-11",{"date":230,"score":231,"percentile":232},"2025-11-12",0.00989,0.76152,{"date":234,"score":235,"percentile":236},"2025-11-13",0.01009,0.76377,{"date":238,"score":235,"percentile":239},"2025-11-14",0.76383,{"date":241,"score":235,"percentile":242},"2025-11-15",0.76378,{"date":244,"score":235,"percentile":245},"2025-11-16",0.76376,{"date":247,"score":235,"percentile":248},"2025-11-17",0.76367,{"date":250,"score":251,"percentile":252},"2025-11-18",0.07942,0.91177,{"date":254,"score":251,"percentile":255},"2025-11-19",0.91181,{"date":257,"score":251,"percentile":258},"2025-11-20",0.91186,{"date":260,"score":235,"percentile":261},"2025-11-21",0.76392,{"date":263,"score":235,"percentile":261},"2025-11-22",{"date":265,"score":235,"percentile":266},"2025-11-23",0.76379,{"date":268,"score":235,"percentile":269},"2025-11-24",0.76381,{"date":271,"score":272,"percentile":273},"2025-11-25",0.00886,0.7471,{"date":275,"score":272,"percentile":276},"2025-11-26",0.74717,{"date":278,"score":279,"percentile":280},"2025-11-27",0.00879,0.74603,{"date":282,"score":279,"percentile":283},"2025-11-28",0.74592,{"date":285,"score":279,"percentile":286},"2025-11-29",0.74589,{"date":288,"score":279,"percentile":286},"2025-11-30",{"date":290,"score":279,"percentile":291},"2025-12-01",0.74721,{"date":293,"score":279,"percentile":294},"2025-12-02",0.74727,{"date":296,"score":279,"percentile":276},"2025-12-03",{"date":298,"score":279,"percentile":299},"2025-12-04",0.74585,{"date":301,"score":279,"percentile":302},"2025-12-05",0.74594,{"date":304,"score":279,"percentile":305},"2025-12-06",0.74598,{"date":307,"score":308,"percentile":309},"2025-12-07",0.01236,0.78611,{"date":311,"score":308,"percentile":312},"2025-12-08",0.78615,{"date":314,"score":308,"percentile":315},"2025-12-09",0.78633,{"date":317,"score":308,"percentile":318},"2025-12-10",0.78656,{"date":320,"score":308,"percentile":321},"2025-12-11",0.78672,{"date":323,"score":308,"percentile":324},"2025-12-12",0.78691,{"date":326,"score":308,"percentile":327},"2025-12-13",0.78693,{"date":329,"score":308,"percentile":330},"2025-12-14",0.7869,{"date":332,"score":308,"percentile":330},"2025-12-15",{"date":334,"score":308,"percentile":335},"2025-12-16",0.78701,{"date":337,"score":308,"percentile":338},"2025-12-17",0.78709,{"date":340,"score":308,"percentile":341},"2025-12-18",0.78727,{"date":343,"score":308,"percentile":344},"2025-12-19",0.7874,{"date":346,"score":308,"percentile":347},"2025-12-20",0.78735,{"date":349,"score":308,"percentile":350},"2025-12-21",0.78728,{"date":352,"score":308,"percentile":353},"2025-12-22",0.78731,{"date":355,"score":308,"percentile":356},"2025-12-23",0.7873,{"date":358,"score":308,"percentile":359},"2025-12-24",0.78741,{"date":361,"score":308,"percentile":362},"2025-12-25",0.78762,{"date":364,"score":308,"percentile":365},"2025-12-26",0.78759,{"date":367,"score":308,"percentile":368},"2025-12-27",0.78811,{"date":370,"score":308,"percentile":371},"2025-12-28",0.7875,{"date":373,"score":308,"percentile":374},"2025-12-29",0.78744,{"date":376,"score":308,"percentile":377},"2025-12-30",0.78749,{"date":379,"score":308,"percentile":380},"2025-12-31",0.78761,{"date":382,"score":308,"percentile":383},"2026-01-01",0.78863,{"date":385,"score":308,"percentile":386},"2026-01-02",0.78862,{"date":388,"score":308,"percentile":389},"2026-01-03",0.78857,{"date":391,"score":308,"percentile":392},"2026-01-04",0.78755,{"date":394,"score":308,"percentile":395},"2026-01-05",0.78752,{"date":397,"score":308,"percentile":398},"2026-01-06",0.78758,{"date":400,"score":308,"percentile":401},"2026-01-07",0.78765,{"date":403,"score":308,"percentile":404},"2026-01-08",0.78774,{"date":406,"score":308,"percentile":407},"2026-01-09",0.78776,{"date":409,"score":308,"percentile":410},"2026-01-10",0.78779,{"date":412,"score":308,"percentile":413},"2026-01-11",0.78772,{"date":415,"score":308,"percentile":416},"2026-01-12",0.7876,{"date":418,"score":308,"percentile":419},"2026-01-13",0.78756,{"date":421,"score":308,"percentile":407},"2026-01-14",{"date":423,"score":308,"percentile":424},"2026-01-15",0.78778,{"date":426,"score":308,"percentile":427},"2026-01-16",0.78785,{"date":429,"score":308,"percentile":430},"2026-01-17",0.78792,{"date":432,"score":308,"percentile":433},"2026-01-18",0.78789,{"date":435,"score":308,"percentile":436},"2026-01-19",0.78786,{"date":438,"score":308,"percentile":427},"2026-01-20",{"date":440,"score":308,"percentile":441},"2026-01-21",0.78791,{"date":443,"score":308,"percentile":444},"2026-01-22",0.78799,{"date":446,"score":308,"percentile":447},"2026-01-23",0.78827,{"date":449,"score":308,"percentile":450},"2026-01-24",0.78838,{"date":452,"score":308,"percentile":453},"2026-01-25",0.78832,{"date":455,"score":308,"percentile":456},"2026-01-26",0.78829,{"date":458,"score":308,"percentile":459},"2026-01-27",0.78828,{"date":461,"score":308,"percentile":453},"2026-01-28",{"date":463,"score":464,"percentile":465},"2026-01-29",0.01673,0.81727,{"date":467,"score":464,"percentile":465},"2026-01-30",{"date":469,"score":464,"percentile":470},"2026-01-31",0.81733,{"date":472,"score":464,"percentile":473},"2026-02-01",0.81812,[475,480,482],{"source":79,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":476,"cvss_v4_0":9},{"baseScore":77,"baseSeverity":477,"vectorString":80,"impactScore":478,"exploitabilityScore":479},"MEDIUM",4.5,5.9,{"source":85,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":481,"cvss_v4_0":9},{"baseScore":77,"baseSeverity":477,"vectorString":80,"impactScore":478,"exploitabilityScore":479},{"source":86,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":483,"cvss_v4_0":9},{"baseScore":77,"baseSeverity":9,"vectorString":80,"impactScore":478,"exploitabilityScore":479},[485],{"ecosystem":486,"name":487,"vendor":486,"product":487,"cpe_part":9,"purl_type":488,"purl_namespace":9,"purl_name":487,"source":9,"versions":489},"Npm","serialize-javascript","npm",[490],{"version":491,"is_range":492,"range_type":493,"version_start":494,"version_start_type":495,"version_end":496,"version_end_type":497,"fixed_in":9},"gte6_0_0_lt6_0_2",true,"semver","6.0.0","including","6.0.2","excluding"]