`serialize-javascript`

Ecosystem:
npm

Package URL:
pkg:npm/serialize-javascript

Total PRs:
4,124 Dependabot PRs

Latest PR:
about 13 hours ago

Unique Repositories:
3,316 repositories

Unique Repos (30 days):
129 repositories

Security Advisories

Serialize JavaScript is Vulnerable to RCE via RegExp.flags and Date.prototype.toISOString()

GHSA-5c6j-r48x-rmvq HIGH published 3 months ago • updated about 2 months ago

### Impact The serialize-javascript npm package (versions <= 7.0.2) contains a code injection vulnerability. It is an incomplete fix for CVE-2020-...

Cross-site Scripting (XSS) in serialize-javascript

GHSA-76p7-773f-r4q5 CVE-2024-11831 MODERATE published over 1 year ago • updated 3 days ago

A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain i...

Cross-Site Scripting in serialize-javascript

GHSA-h9rv-jmmf-4pgx CVE-2019-16769 MODERATE published over 6 years ago • updated 2 days ago

Versions of `serialize-javascript` prior to 2.1.1 are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize serialized regular ex...

Serialize JavaScript has CPU Exhaustion Denial of Service via crafted array-like objects

GHSA-qj8w-gfj5-8c6v CVE-2026-34043 MODERATE published 2 months ago • updated 10 days ago

### Impact **What kind of vulnerability is it?** It is a **Denial of Service (DoS)** vulnerability caused by CPU exhaustion. When serializing a s...

6.0.2 → 7.0.5 Major PR

Open about 13 hours ago 1 comment

chore(deps): bump the npm_and_yarn group across 1 directory with 19 updates

palmtreecorporation/testapp-sdk #113

6.0.2 → 7.0.5 Major PR

Open about 15 hours ago 2 comments

Bump serialize-javascript and terser-webpack-plugin

Automattic/simplenote-electron #3368

removed Removal PR

Closed 1 day ago 1 comment

Build(deps): Bump the npm_and_yarn group across 1 directory with 27 updates

EmilynnJ/ragflow #1

6.0.2 → removed

Open 1 day ago 4 comments

Bump the npm_and_yarn group across 11 directories with 10 updates

loveyou001/firebase-framework-tools #80

6.0.2 → 7.0.5 Major PR

Open 2 days ago 2 comments

Bump the npm_and_yarn group across 12 directories with 14 updates

AnnaProDev/fork-commit-merge #47

6.0.1 → 7.0.5 Major PR

Closed 3 days ago 1 comment

chore(deps): bump the npm_and_yarn group across 16 directories with 11 updates

bluluvinn/genkit #50

6.0.2 → 7.0.5 Major PR

Closed 3 days ago 1 comment

chore(deps): bump the npm_and_yarn group across 1 directory with 7 updates

milliorn/portfolio #249

6.0.2 → 7.0.5 Major PR

Closed 4 days ago 3 comments

Bump the npm_and_yarn group across 1 directory with 18 updates

gagneet/firefly-iii #11

6.0.2 → removed

Closed 4 days ago 1 comment

Bump the npm_and_yarn group across 11 directories with 9 updates

randybloxham5-arch/apphosting-adapters #24

6.0.2 → 7.0.5 Major PR

Closed 4 days ago 1 comment

Bump the npm_and_yarn group across 13 directories with 9 updates

Gaming-tech-cyber/react #28

6.0.1 → 6.0.2 Patch PR

Closed 4 days ago 1 comment

chore(deps): bump serialize-javascript and copy-webpack-plugin in /companion-plugin

aloewright/joplin-local-ai #2

6.0.2 → 7.0.5 Major PR

Closed 4 days ago 1 comment

build(deps): bump the npm_and_yarn group across 17 directories with 17 updates

eagle19900203-boop/railpack #20

6.0.2 → 7.0.5 Major PR

Closed 5 days ago 1 comment

Bump serialize-javascript and terser-webpack-plugin

bameyrick/animated-weather-icon #84

removed Removal PR

Open 5 days ago 2 comments

chore(deps): bump serialize-javascript and webpack

ecomplus/client #365

removed Removal PR

Closed 6 days ago 1 comment

Bump the npm_and_yarn group across 26 directories with 14 updates

alialobidm/react #115

6.0.1 → 6.0.2 Patch PR

Open 7 days ago 1 comment

Bump the npm_and_yarn group across 24 directories with 13 updates

bluluvinn/react #28

6.0.1 → 6.0.2 Patch PR

Closed 7 days ago 1 comment

Bump the npm_and_yarn group across 15 directories with 12 updates

AKJUS/react #545

6.0.1 → 6.0.2 Patch PR

Open 8 days ago 1 comment

build(deps): bump serialize-javascript from 6.0.2 to removed in /TrafficLightsEnhancement/UI in the npm_and_yarn group across 1 directory

mayor-modder/Cities2-TrafficLightsEnhancement-Extended #61

6.0.2 → removed

Closed 8 days ago 2 comments

Bump serialize-javascript and terser-webpack-plugin

koenemans/bill-splitter #51

removed Removal PR

Open 8 days ago 3 comments

build(deps): bump the npm_and_yarn group across 17 directories with 17 updates

marekdkropiewnicki-dotcom/railpack #56

6.0.2 → 7.0.5 Major PR

Closed 8 days ago 1 comment

Bump the npm_and_yarn group across 14 directories with 12 updates

AKJUS/react #542

6.0.1 → 6.0.2 Patch PR

Open 8 days ago 1 comment

Bump the npm_and_yarn group across 56 directories with 4 updates

Jackblanket847/WebKit #130

6.0.1 → 7.0.5 Major PR

Closed 8 days ago 1 comment

chore(deps): bump the npm_and_yarn group across 5 directories with 12 updates

alexis-opolka/standardnote-app #40

6.0.1 → 6.0.2 Patch PR

Closed 8 days ago 1 comment

Bump the npm_and_yarn group across 2 directories with 17 updates

jianminy931020-coder/my-official-site #1

6.0.2 → removed

Open 9 days ago 1 comment

Bump the npm_and_yarn group across 17 directories with 13 updates

Hawthorne001/react #405

6.0.1 → 6.0.2 Patch PR

Open 9 days ago 2 comments

build(deps): bump serialize-javascript and @angular-devkit/build-angular

bolorundurowb/dev-core-tools #3

6.0.2 → 7.0.5 Major PR

Closed 9 days ago 1 comment

Bump the npm_and_yarn group across 17 directories with 13 updates

chien110234/react #53

6.0.1 → 6.0.2 Patch PR

Closed 9 days ago 1 comment

Bump the npm_and_yarn group across 12 directories with 11 updates

adamoutler/joplin #25

6.0.0 → 6.0.2 Patch PR

Closed 9 days ago 1 comment

Bump the npm_and_yarn group across 2 directories with 18 updates

dporkka/microweber #14

6.0.1 → 6.0.2 Patch PR

Closed 9 days ago 1 comment

Bump serialize-javascript from 7.0.4 to 7.0.5

psdev30/grind-recurve #21

7.0.4 → 7.0.5 Patch PR

Open 9 days ago 1 comment

chore(deps-dev): bump serialize-javascript from 7.0.4 to 7.0.5

th3w1zard1/KotOR.js #35

7.0.4 → 7.0.5 Patch PR

Open 9 days ago 1 comment

build(deps): bump the npm_and_yarn group across 7 directories with 12 updates

thetigerone888/openai-node #16

6.0.1 → removed

Closed 9 days ago 1 comment

build(deps): bump serialize-javascript and workbox-build

hectorlv/liga-mx-hrlv #570

6.0.2 → 7.0.5 Major PR

Closed 10 days ago 1 comment

Bump the npm_and_yarn group across 11 directories with 17 updates

HarleyCoops/joplin #17

6.0.0 → 6.0.2 Patch PR

Open 10 days ago 2 comments

Bump serialize-javascript from 6.0.2 to 7.0.5

ColinGJohnson/personal-website #42

6.0.2 → 7.0.5 Major PR

Open 10 days ago 1 comment

Bump serialize-javascript and terser-webpack-plugin

lanchester-rd/hello #26

removed Removal PR

Open 10 days ago 1 comment

chore(deps): bump serialize-javascript and workbox-build

sunniejs/vue-h5-template #207

6.0.2 → 7.0.5 Major PR

Closed 10 days ago 1 comment

Bump serialize-javascript and terser-webpack-plugin

simple-keyboard/simple-keyboard-input-mask #1711

removed Removal PR

Closed 10 days ago 2 comments

Bump serialize-javascript and nitropack

remult/remult #990

6.0.2 → 7.0.5 Major PR

Open 10 days ago 1 comment

Bump serialize-javascript from 6.0.2 to 7.0.5

rdrrichards/QIQO.Business.Accounts.Client #89

6.0.2 → 7.0.5 Major PR

Closed 10 days ago 1 comment

Bump serialize-javascript and terser-webpack-plugin

jasonc1/jasonc1.github.io #87

removed Removal PR

Open 10 days ago 1 comment

build(deps-dev): bump serialize-javascript from 6.0.2 to 7.0.5

contentful/contentful.js #2688

6.0.2 → 7.0.5 Major PR

Open 10 days ago 1 comment

chore: bump the npm_and_yarn group across 1 directory with 3 updates

selfagency/mistral-models-vscode #25

6.0.2 → 7.0.5 Major PR

Open 10 days ago 3 comments

Bump serialize-javascript and terser-webpack-plugin

alexandercerutti/passkit-visual-designer #48

removed Removal PR

Open 10 days ago 1 comment

chore(deps-dev): bump serialize-javascript from 6.0.0 to 6.0.2

Dustin4444/PathIntellisense #1

6.0.0 → 6.0.2 Patch PR

Open 10 days ago 3 comments

Bump serialize-javascript and terser-webpack-plugin in /performance-monitoring-start

ali963git/codelab-friendlychat-web #25

removed Removal PR

Open 10 days ago 4 comments

Bump serialize-javascript and terser-webpack-plugin in /performance-monitoring

ali963git/codelab-friendlychat-web #24

removed Removal PR

Open 10 days ago 2 comments

chore(deps): bump serialize-javascript and terser-webpack-plugin in /demo/webpack

Dustin4444/liquidjs #52

removed Removal PR

Open 10 days ago 3 comments

chore(deps): bump serialize-javascript and hardhat

alialobidm/curve-xgov #27

removed Removal PR

Open 10 days ago 1 comment

Package Details

Name:	`serialize-javascript`
Ecosystem:	npm
PURL Type:	npm
Package URL:	`pkg:npm/serialize-javascript`
JSON API:	View JSON

Security Advisories

5

Active advisories

HIGH 2

MODERATE 3

View All npm Advisories

Package Information

Description:

Serialize JavaScript to a superset of JSON that includes regular expressions and functions.

Repository:	https://github.com/yahoo/serialize-javascript
Homepage:	https://github.com/yahoo/serialize-javascript
Latest Release:	`6.0.2` over 2 years ago
Dependent Repos:	1,239,571
Dependent Packages:	2,603
Downloads:	184,953,215
Ranking:	Top 0.028% by dependent repos Top 0.0076% by downloads Top 0.0309% by dependent pkgs

PR Status

Open 2,031 (49.2%)

Merged 530 (12.9%)

Closed 1,298 (31.5%)

PR Types

Major 585 (14.2%)

Minor 28 (0.7%)

Patch 2,913 (70.6%)

Removal 189 (4.6%)

serialize-javascript

Security Advisories

Serialize JavaScript is Vulnerable to RCE via RegExp.flags and Date.prototype.toISOString()

Cross-site Scripting (XSS) in serialize-javascript

Cross-Site Scripting in serialize-javascript

Serialize JavaScript has CPU Exhaustion Denial of Service via crafted array-like objects

Insecure serialization leading to RCE in serialize-javascript

Recent PRs

Package Details

Security Advisories

5

Package Information

PR Status

PR Types

`serialize-javascript`