CVE-2021-29486

The CVE concerns the npm library cumulative-distribution-function. A flaw in versions prior to 2.0.0 can cause an infinite-cpu-loop denial of service when the library processes invalid data (notably arrays of strings instead of numbers), impacting node.js servers and browser apps that do not vali...