CVE-2024-27088

Published Feb 26, 2024

Last updated 9 months ago

Overview

Description
es5-ext contains ECMAScript 5 extensions. Passing functions with very long names or complex default argument names into `function#copy` or `function#toStringTokens` may cause the script to stall. The vulnerability is patched in v0.10.63.
Source
security-advisories@github.com
NVD status
Awaiting Analysis

Social media

Hype score
Not currently trending

Risk scores

CVSS 3.1

Type
Secondary
Base score
0
Impact score
0
Exploitability score
0.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N
Severity
NONE

Weaknesses

security-advisories@github.com
CWE-1333

References