cumulative-distribution-function is vulnerable to denial of service. An attacker is able to send improper data such as invalid non-numeric or string data to cause an infinite while-loop in the function for evaluating the cumulative-distribution-function of input data, potentially resulting in an application crash.
CPE | Name | Operator | Version |
---|---|---|---|
cumulative-distribution-function | le | 1.0.3 |
github.com/DrPaulBrewer/cumulative-distribution-function/commit/339a6cdbf716eca7df9a731a909887f98f87246d
github.com/DrPaulBrewer/cumulative-distribution-function/issues/7
github.com/DrPaulBrewer/cumulative-distribution-function/pull/8
github.com/DrPaulBrewer/cumulative-distribution-function/security/advisories/GHSA-58qp-5328-v7mh
www.npmjs.com/package/cumulative-distribution-function