Описание
Prototype pollution in json-bigint npm package < 1.0.0 may lead to a denial-of-service (DoS) attack.
A flaw was found in nodejs-json-bigint. A Prototype pollution in json-bigint npm may lead to a denial-of-service (DoS) attack.
Отчет
In Red Hat Openshift Container Storage 4 the noobaa-core container includes the affected version of json-bigint as a dependency of googleapis, however the json-bigint library is not being used and hence this issue has been rated as having a security impact of Low.
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-400
https://bugzilla.redhat.com/show_bug.cgi?id=1881028nodejs-json-bigint: Prototype pollution via `__proto__` assignment could result in DoS
EPSS
Процентиль: 64%
0.00474
Низкий
7.5 High
CVSS3
Связанные уязвимости
CVSS3: 7.5
nvd
больше 5 лет назад
Prototype pollution in json-bigint npm package < 1.0.0 may lead to a denial-of-service (DoS) attack.
CVSS3: 7.5
github
почти 5 лет назад
Uncontrolled Resource Consumption in json-bigint
EPSS
Процентиль: 64%
0.00474
Низкий
7.5 High
CVSS3