GHSA-6429-3G3W-6MW5 Uncaught Exception in bignum

All versions of the npm package bignum are vulnerable to Denial of Service DoS due to a type-check exception in V8. When verifying the type of the second argument to the .powm function, V8 will crash regardless of Node try/catch blocks...

CVE-2022-25324

CVE-2022-25324 affects the npm package bignum. The DoS arises from a type-check exception in V8 when verifying the second argument to the powm function, causing crashes that bypass Node try/catch blocks. Affected versions are not fixed by any known version; remediation is not available. Related a...

CVE-2022-25324

All versions of package bignum are vulnerable to Denial of Service DoS due to a type-check exception in V8, when verifying the type of the second argument to the .powm function, V8 will crash regardless of Node try/catch blocks...

Denial of Service (DoS)

Overview bignum is an Arbitrary precision integral arithmetic for Node.js using OpenSSL. This library is based on node-bigint by substack, but instead of using libgmp, it uses the builtin bignum functionality provided by OpenSSL. The advantage is that OpenSSL is already part of Node.js, so this...