CVE-2023-30421

mystrtod in mjson 1.2.7 requires more than a billion iterations during processing of certain digit strings such as 8891110122900e913013935755114...

jose 资源管理错误漏洞

npm jose is an application from the U.S. company npm. Use native encryption runtime does not depend on the item JWA, JWS, JWE, JWT, JWK. A resource management error vulnerability exists in jose versions prior to v1.28.2, prior to v2.0.6, prior to v3.20.4, and prior to v4.9.2, which stems from the...