Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:55 a.m.7 views

CVE-2023-34109

zxcvbn-ts is an open source password strength estimator written in typescript. This vulnerability affects users running on the nodeJS platform which are using the second argument of the zxcvbn function. It can result in an unbounded resource consumption as the user inputs array is extended with...

7.5CVSS6.8AI score0.00496EPSS
Exploits0References1
Veracode
Veracode
added 2023/06/20 7:17 a.m.21 views

Denial Of Service (DoS)

zxcvbn-ts password strength estimator is vulnerable to denial of service DoS. The vulnerability is due to not restricting user supplied input to a maximum value. This leads to unbounded resource consumption resulting in a nodejs crash...

7.5CVSS6.7AI score0.00496EPSS
Exploits0References2Affected Software3
NVD
NVD
added 2023/06/07 6:15 p.m.11 views

CVE-2023-34109

zxcvbn-ts is an open source password strength estimator written in typescript. This vulnerability affects users running on the nodeJS platform which are using the second argument of the zxcvbn function. It can result in an unbounded resource consumption as the user inputs array is extended with...

7.5CVSS6.7AI score0.00496EPSS
Exploits0References2
Prion
Prion
added 2023/06/07 6:15 p.m.19 views

Design/Logic Flaw

zxcvbn-ts is an open source password strength estimator written in typescript. This vulnerability affects users running on the nodeJS platform which are using the second argument of the zxcvbn function. It can result in an unbounded resource consumption as the user inputs array is extended with...

5CVSS7.5AI score0.00496EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/07 5:11 p.m.9 views

CVE-2023-34109 User input results in Unbounded resource consumption in @zxcvbn-ts/core

zxcvbn-ts is an open source password strength estimator written in typescript. This vulnerability affects users running on the nodeJS platform which are using the second argument of the zxcvbn function. It can result in an unbounded resource consumption as the user inputs array is extended with...

6.5CVSS7.5AI score0.00496EPSS
Exploits0References2
CVE
CVE
added 2023/06/07 5:11 p.m.54 views

CVE-2023-34109

CVE-2023-34109 — zxcvbn-ts (core) resource exhaustion : Affects zxcvbn-ts on Node.js when using the second argument of the zxcvbn function, where the inputs array can grow unbounded with each call, leading to potential DoS. Public advisories indicate the issue impacts both Node.js and browsers, a...

7.5CVSS6.9AI score0.00496EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/06/07 5:11 p.m.43 views

CVE-2023-34109 User input results in Unbounded resource consumption in @zxcvbn-ts/core

zxcvbn-ts is an open source password strength estimator written in typescript. This vulnerability affects users running on the nodeJS platform which are using the second argument of the zxcvbn function. It can result in an unbounded resource consumption as the user inputs array is extended with...

6.5CVSS7.5AI score0.00496EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/06/07 12:0 a.m.3 views

zxcvbn-ts 资源管理错误漏洞

zxcvbn-ts is zxcvbn-ts open source a password strength estimator inspired by password crackers. A resource management error vulnerability exists in versions prior to zxcvbn-ts 3.0.2, which stems from...

7.5CVSS7.3AI score0.00496EPSS
Exploits0References3
Rows per page
Query Builder