Fast String Search Project: >> Fast String Search Security Vulnerabilities
All versions of package fast-string-search are vulnerable to Denial of Service (DoS) when computations are incorrect for non-string inputs. One can cause the V8 to attempt reading from non-permitted locations and cause a segmentation fault due to the violation.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-06-17
All versions of package fast-string-search are vulnerable to Out-of-bounds Read due to incorrect memory freeing and length calculation for any non-string input as the source. This allows the attacker to read previously allocated memory.
CVSS Score
5.3
EPSS Score
0.002
Published
2022-06-17