MidnightBSD

Advisories for medikoo

CVE-2024-27088

es5-ext contains ECMAScript 5 extensions. Passing functions with very long names or complex default argument names into `function#copy` or `function#toStringTokens` may cause the script to stall. The vulnerability is patched in v0.10.63.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security-advisories@github.com 0.0 NONE CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N 0.8 0.0

Products Affected

Vendor Product Version
medikoo es5-ext *