CNNVD-202601-3332 Information

CNNVD ID

CNNVD-202601-3332

Related CVE

CVE-2026-23736

• CNNVD Published: 2026-01-21

Description (Chinese)

seroval是Alexis H. Munsayac个人开发者的一个格式化Java库。 seroval 1.4.0及之前版本存在安全漏洞，该漏洞源于JSON反序列化过程中输入验证不当，可能导致原型污染。

Description (English)

The seroval is a formatted Java bank for Alexis H. Munsayac’s personal developer. There is a safety loophole in seroval 1.4.0 and earlier versions, which stems from the inappropriate input verification of JSON ’ s anti-serialization process, which could lead to prototype contamination.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2026-01-21

Last Modified

2026-02-24

References

https://github.com/lxsmnsyc/seroval/commit/ce9408ebc87312fcad345a73c172212f2a798060 https://github.com/lxsmnsyc/seroval/security/advisories/GHSA-hj76-42vx-jwp4