Moderate severityNVD Advisory· Published Aug 24, 2021· Updated Sep 16, 2024
Denial of Service (DoS)
CVE-2021-23429
Description
All versions of package transpile are vulnerable to Denial of Service (DoS) due to a lack of input sanitization or whitelisting, coupled with improper exception handling in the .to() function.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
transpilenpm | <= 2.7.2 | — |
Affected products
2- transpile/transpiledescription
Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-7xrj-f5rp-j55hghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-23429ghsaADVISORY
- github.com/stealjs/transpile/blob/56aaeb26f69496e45a60c03dc92653d53021d4ac/main.js%23L53ghsax_refsource_MISCWEB
- snyk.io/vuln/SNYK-JS-TRANSPILE-1290774ghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.