20 matches found
Denial Of Service (DoS)
finance.js is vulnerable to Denial Of Service.The vulnerability is due to improper handling of the IRR function’s depth parameter, where an unbounded recursion/iteration limit can be triggered to consume excessive CPU and stall or crash the application...
EUVD-2025-31749
Malicious code in bioql PyPI...
EUVD-2025-31750
Malicious code in bioql PyPI...
CVE-2025-56572
An issue in finance.js v.4.1.0 allows a remote attacker to cause a denial of service via the seekZero parameter...
CVE-2025-56571
Finance.js v4.1.0 contains a Denial of Service DoS vulnerability via the IRR function’s depth parameter. Improper handling of the recursion/iteration limit can lead to excessive CPU usage, causing application stalls or crashes...
Finance.js vulnerable to DoS via the seekZero() parameter
An issue in finance.js v.4.1.0 allows a remote attacker to cause a denial of service via the seekZero parameter...
GHSA-5Q7Q-P8PC-782H Finance.js vulnerable to DoS via the seekZero() parameter
An issue in finance.js v.4.1.0 allows a remote attacker to cause a denial of service via the seekZero parameter...
GHSA-F8R4-MF27-RF7M Finance.js vulnerable to DoS via the IRR function’s depth parameter
Finance.js v4.1.0 contains a Denial of Service DoS vulnerability via the IRR function’s depth parameter. Improper handling of the recursion/iteration limit can lead to excessive CPU usage, causing application stalls or crashes...
Finance.js vulnerable to DoS via the IRR function’s depth parameter
Finance.js v4.1.0 contains a Denial of Service DoS vulnerability via the IRR function’s depth parameter. Improper handling of the recursion/iteration limit can lead to excessive CPU usage, causing application stalls or crashes...
CVE-2025-56571
Finance.js v4.1.0 contains a Denial of Service DoS vulnerability via the IRR function’s depth parameter. Improper handling of the recursion/iteration limit can lead to excessive CPU usage, causing application stalls or crashes...
CVE-2025-56572
An issue in finance.js v.4.1.0 allows a remote attacker to cause a denial of service via the seekZero parameter...
CVE-2025-56572
An issue in finance.js v.4.1.0 allows a remote attacker to cause a denial of service via the seekZero parameter...
CVE-2025-56571
Finance.js v4.1.0 contains a Denial of Service DoS vulnerability via the IRR function’s depth parameter. Improper handling of the recursion/iteration limit can lead to excessive CPU usage, causing application stalls or crashes...
Finance.js 安全漏洞
Finance.js is a JavaScript library for financial calculations by Essam B. Individual Developer. A security vulnerability exists in Finance.js version 4.1.0, which stems from improper handling of the seekZero parameter and could lead to a denial of service attack...
PT-2025-40001
Name of the Vulnerable Software and Affected Versions finance.js version 4.1.0 Description An issue allows a remote attacker to cause a denial of service via the seekZero parameter. Recommendations At the moment, there is no information about a newer version that contains a fix for this...
PT-2025-40041
Finance.js v4.1.0 contains a Denial of Service DoS vulnerability via the IRR function’s depth parameter. Improper handling of the recursion/iteration limit can lead to excessive CPU usage, causing application stalls or crashes...
PT-2025-40038
An issue in finance.js v.4.1.0 allows a remote attacker to cause a denial of service via the seekZero parameter...
CVE-2025-56571
Finance.js v4.1.0 contains a Denial of Service DoS vulnerability via the IRR function’s depth parameter. Improper handling of the recursion/iteration limit can lead to excessive CPU usage, causing application stalls or crashes...
PT-2025-40000
Name of the Vulnerable Software and Affected Versions Finance.js versions 4.1.0 Description A flaw exists in Finance.js version 4.1.0 that can lead to a Denial of Service DoS. This occurs due to improper handling of recursion/iteration limits within the IRR function’s depth parameter, potentially...
CVE-2025-56572
An issue in finance.js v.4.1.0 allows a remote attacker to cause a denial of service via the seekZero parameter...