Filtered by vendor Fast String Search Project
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-22138 | 1 Fast String Search Project | 1 Fast String Search | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
All versions of package fast-string-search are vulnerable to Denial of Service (DoS) when computations are incorrect for non-string inputs. One can cause the V8 to attempt reading from non-permitted locations and cause a segmentation fault due to the violation. | |||||
CVE-2022-25872 | 1 Fast String Search Project | 1 Fast String Search | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
All versions of package fast-string-search are vulnerable to Out-of-bounds Read due to incorrect memory freeing and length calculation for any non-string input as the source. This allows the attacker to read previously allocated memory. |