6 matches found
es5-ext vulnerable to Regular Expression Denial of Service in `function#copy` and `function#toStringTokens`
Impact Passing functions with very long names or complex default argument names into functioncopy orfunctiontoStringTokens may put script to stall Patches Fixed with https://github.com/medikoo/es5-ext/commit/3551cdd7b2db08b1632841f819d008757d28e8e2 and...
Code injection
es5-ext contains ECMAScript 5 extensions. Passing functions with very long names or complex default argument names into functioncopy or functiontoStringTokens may cause the script to stall. The vulnerability is patched in v0.10.63...
CVE-2024-27088 es5-ext Regular Expression Denial of Service in `function#copy` and `function#toStringTokens`
es5-ext contains ECMAScript 5 extensions. Passing functions with very long names or complex default argument names into functioncopy or functiontoStringTokens may cause the script to stall. The vulnerability is patched in v0.10.63...
CVE-2024-27088 es5-ext Regular Expression Denial of Service in `function#copy` and `function#toStringTokens`
es5-ext contains ECMAScript 5 extensions. Passing functions with very long names or complex default argument names into functioncopy or functiontoStringTokens may cause the script to stall. The vulnerability is patched in v0.10.63...
CVE-2024-27088 es5-ext Regular Expression Denial of Service in `function#copy` and `function#toStringTokens`
es5-ext contains ECMAScript 5 extensions. Passing functions with very long names or complex default argument names into functioncopy or functiontoStringTokens may cause the script to stall. The vulnerability is patched in v0.10.63...
CVE-2024-27088
CVE-2024-27088 affects the es5-ext library, which provides ECMAScript 5 extensions. The issue arises when passing functions with very long names or complex default argument names into the library’s copy or toStringTokens routines, potentially causing the script to stall. The vulnerability is publ...