Vendor
TooTallNate
Products
3
CVEs
3
Across products
3
Status
Private
Products
3- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-21526 | Hig | 0.49 | 7.5 | 0.01 | Jul 10, 2024 | All versions of the package speaker are vulnerable to Denial of Service (DoS) when providing unexpected input types to the channels property of the Speaker object makes it possible to reach an assert macro. Exploiting this vulnerability can lead to a process crash. | ||
| CVE-2026-3449 | Low | 0.14 | 3.3 | 0.00 | Mar 3, 2026 | Versions of the package @tootallnate/once before 3.0.1 are vulnerable to Incorrect Control Flow Scoping in promise resolving when AbortSignal option is used. The Promise remains in a permanently pending state after the signal is aborted, causing any await or .then() usage to… | ||
| CVE-2023-2968 | 0.00 | — | 0.01 | May 30, 2023 | A remote attacker can trigger a denial of service in the socket.remoteAddress variable, by sending a crafted HTTP request. Usage of the undefined variable raises a TypeError exception. |
- risk 0.49cvss 7.5epss 0.01
All versions of the package speaker are vulnerable to Denial of Service (DoS) when providing unexpected input types to the channels property of the Speaker object makes it possible to reach an assert macro. Exploiting this vulnerability can lead to a process crash.
- risk 0.14cvss 3.3epss 0.00
Versions of the package @tootallnate/once before 3.0.1 are vulnerable to Incorrect Control Flow Scoping in promise resolving when AbortSignal option is used. The Promise remains in a permanently pending state after the signal is aborted, causing any await or .then() usage to…
- CVE-2023-2968May 30, 2023risk 0.00cvss —epss 0.01
A remote attacker can trigger a denial of service in the socket.remoteAddress variable, by sending a crafted HTTP request. Usage of the undefined variable raises a TypeError exception.