VYPR
High severityNVD Advisory· Published Jul 29, 2024· Updated Oct 11, 2024

ReDOS at currency parsing fast-xml-parser

CVE-2024-41818

Description

fast-xml-parser is an open source, pure javascript xml parser. a ReDOS exists on currency.js. This vulnerability is fixed in 4.4.1.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
fast-xml-parsernpm
>= 4.3.5, < 4.4.14.4.1

Affected products

28

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.