Vulnerability in unovis project

While working on unovis project, I detected a vulnerability in the seroval package. The issue occurs when the application attempts to serialize deeply nested objects. Due to the lack of depth limits during serialization, the process can exceed JavaScript’s maximum call stack size, causing the application to crash or become unresponsive. This behavior confirms the presence of a Denial of Service (DoS) vulnerability identified as [CVE-2026-24006](https://vulert.com/vuln-db/CVE-2026-24006) in the affected version of the package.

[CVE Link](https://vulert.com/vuln-db/CVE-2026-24006)
[CVE Report](https://vulert.com/vuln-scan/list/597d7e04-4ed8-48bd-a359-dfd28901585d?sort_order=desc&sort_by=created_at)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Vulnerability in unovis project #711

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Vulnerability in unovis project #711

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions