CVE-2022-22138

Uncontrolled Resource Consumption in fast-string-search in npm/fast-string-search

Identifiers

GHSA-4263-q746-94mw, CVE-2022-22138

Package Slug

npm/fast-string-search

Vulnerability

Uncontrolled Resource Consumption in fast-string-search

Description

All versions of package fast-string-search is vulnerable to Denial of Service (DoS) when computations are incorrect for non-string inputs. One can cause the V8 to attempt reading from non-permitted locations and cause a segmentation fault due to the violation.

Affected Versions

All versions up to 1.4.3

Solution

Unfortunately, there is no solution available yet.

Last Modified

2022-06-21

source