Vulnerability Details CVE-2024-27088
es5-ext contains ECMAScript 5 extensions. Passing functions with very long names or complex default argument names into `function#copy` or `function#toStringTokens` may cause the script to stall. The vulnerability is patched in v0.10.63.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.018
EPSS Ranking 82.2%
CVSS Severity
References
- https://github.com/medikoo/es5-ext/commit/3551cdd7b2db08b1632841f819d008757d28e8e2
- https://github.com/medikoo/es5-ext/commit/a52e95736690ad1d465ebcd9791d54570e294602
- https://github.com/medikoo/es5-ext/issues/201
- https://github.com/medikoo/es5-ext/security/advisories/GHSA-4gmj-3p3h-gm8h
- https://github.com/medikoo/es5-ext/commit/3551cdd7b2db08b1632841f819d008757d28e8e2
- https://github.com/medikoo/es5-ext/commit/a52e95736690ad1d465ebcd9791d54570e294602
- https://github.com/medikoo/es5-ext/issues/201
- https://github.com/medikoo/es5-ext/security/advisories/GHSA-4gmj-3p3h-gm8h
Products affected by CVE-2024-27088
-
cpe:2.3:a:medikoo:es5-ext:0.10.0
-
cpe:2.3:a:medikoo:es5-ext:0.10.1
-
cpe:2.3:a:medikoo:es5-ext:0.10.10
-
cpe:2.3:a:medikoo:es5-ext:0.10.11
-
cpe:2.3:a:medikoo:es5-ext:0.10.12
-
cpe:2.3:a:medikoo:es5-ext:0.10.13
-
cpe:2.3:a:medikoo:es5-ext:0.10.14
-
cpe:2.3:a:medikoo:es5-ext:0.10.15
-
cpe:2.3:a:medikoo:es5-ext:0.10.16
-
cpe:2.3:a:medikoo:es5-ext:0.10.17
-
cpe:2.3:a:medikoo:es5-ext:0.10.18
-
cpe:2.3:a:medikoo:es5-ext:0.10.19
-
cpe:2.3:a:medikoo:es5-ext:0.10.2
-
cpe:2.3:a:medikoo:es5-ext:0.10.20
-
cpe:2.3:a:medikoo:es5-ext:0.10.21
-
cpe:2.3:a:medikoo:es5-ext:0.10.22
-
cpe:2.3:a:medikoo:es5-ext:0.10.23
-
cpe:2.3:a:medikoo:es5-ext:0.10.24
-
cpe:2.3:a:medikoo:es5-ext:0.10.25
-
cpe:2.3:a:medikoo:es5-ext:0.10.26
-
cpe:2.3:a:medikoo:es5-ext:0.10.27
-
cpe:2.3:a:medikoo:es5-ext:0.10.28
-
cpe:2.3:a:medikoo:es5-ext:0.10.29
-
cpe:2.3:a:medikoo:es5-ext:0.10.3
-
cpe:2.3:a:medikoo:es5-ext:0.10.30
-
cpe:2.3:a:medikoo:es5-ext:0.10.31
-
cpe:2.3:a:medikoo:es5-ext:0.10.32
-
cpe:2.3:a:medikoo:es5-ext:0.10.33
-
cpe:2.3:a:medikoo:es5-ext:0.10.34
-
cpe:2.3:a:medikoo:es5-ext:0.10.35
-
cpe:2.3:a:medikoo:es5-ext:0.10.36
-
cpe:2.3:a:medikoo:es5-ext:0.10.37
-
cpe:2.3:a:medikoo:es5-ext:0.10.38
-
cpe:2.3:a:medikoo:es5-ext:0.10.39
-
cpe:2.3:a:medikoo:es5-ext:0.10.4
-
cpe:2.3:a:medikoo:es5-ext:0.10.40
-
cpe:2.3:a:medikoo:es5-ext:0.10.41
-
cpe:2.3:a:medikoo:es5-ext:0.10.42
-
cpe:2.3:a:medikoo:es5-ext:0.10.43
-
cpe:2.3:a:medikoo:es5-ext:0.10.44
-
cpe:2.3:a:medikoo:es5-ext:0.10.45
-
cpe:2.3:a:medikoo:es5-ext:0.10.46
-
cpe:2.3:a:medikoo:es5-ext:0.10.47
-
cpe:2.3:a:medikoo:es5-ext:0.10.48
-
cpe:2.3:a:medikoo:es5-ext:0.10.49
-
cpe:2.3:a:medikoo:es5-ext:0.10.5
-
cpe:2.3:a:medikoo:es5-ext:0.10.50
-
cpe:2.3:a:medikoo:es5-ext:0.10.51
-
cpe:2.3:a:medikoo:es5-ext:0.10.52
-
cpe:2.3:a:medikoo:es5-ext:0.10.53
-
cpe:2.3:a:medikoo:es5-ext:0.10.54
-
cpe:2.3:a:medikoo:es5-ext:0.10.55
-
cpe:2.3:a:medikoo:es5-ext:0.10.56
-
cpe:2.3:a:medikoo:es5-ext:0.10.57
-
cpe:2.3:a:medikoo:es5-ext:0.10.58
-
cpe:2.3:a:medikoo:es5-ext:0.10.59
-
cpe:2.3:a:medikoo:es5-ext:0.10.6
-
cpe:2.3:a:medikoo:es5-ext:0.10.60
-
cpe:2.3:a:medikoo:es5-ext:0.10.61
-
cpe:2.3:a:medikoo:es5-ext:0.10.62
-
cpe:2.3:a:medikoo:es5-ext:0.10.7
-
cpe:2.3:a:medikoo:es5-ext:0.10.8
-
cpe:2.3:a:medikoo:es5-ext:0.10.9