2 matches found
EUVD-2026-38060
js-toml vulnerable to CPU exhaustion via On^2 BigInt construction on radix-prefixed integer literals...
CVE-2026-49293
js-toml is a TOML parser for JavaScript, fully compliant with the TOML 1.0.0 Spec. Versions up to and including 1.1.0 parse hexadecimal / octal / binary integer literals via a hand-written parseBigInt loop that multiplies a BigInt accumulator by the radix once per input digit. Each iteration...