Lucene search
SnykCVELIST:CVE-2021-23429HistoryAug 24, 2021 - 7:45 a.m.
CVE-2021-23429 Denial of Service (DoS)
2021-08-2407:45:30
snyk
www.cve.org
2
cve-2021-23429
denial of service
input sanitization
whitelisting
exception handling
.to() function
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P
EPSS
0.001
Percentile
45.0%
All versions of package transpile are vulnerable to Denial of Service (DoS) due to a lack of input sanitization or whitelisting, coupled with improper exception handling in the .to() function.
CNA Affected
[
{
"product": "transpile",
"vendor": "n/a",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]Related
prion
prion
Input validation
2021-08-24 08:15:00
veracode
veracode
Denial Of Service (DoS)
2021-08-25 01:22:26
osv
osv
Uncontrolled Resource Consumption in transpile
2021-09-02 17:10:42
nvd
nvd
CVE-2021-23429
2021-08-24 08:15:21
github
github
Uncontrolled Resource Consumption in transpile
2021-09-02 17:10:42
cve
cve
CVE-2021-23429
2021-08-24 08:15:21
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P
EPSS
0.001
Percentile
45.0%
Related for CVELIST:CVE-2021-23429