Vulnerability: Denial of Service (DoS) in package bignum due to V8 Type-Check Exception

Vulnerability: Denial of Service (DoS) in package bignum due to V8 Type-Check Exception

CVE-2022-25324 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

All versions of package bignum are vulnerable to Denial of Service (DoS) due to a type-check exception in V8, when verifying the type of the second argument to the .powm function, V8 will crash regardless of Node try/catch blocks.

Learn more about our Web Application Penetration Testing UK.