Vulnerabilities > CVE-2021-23429 - Improper Handling of Exceptional Conditions vulnerability in Transpile Project Transpile

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

transpile-project

CWE-755

NVD

Published: 2021-08-24

Updated: 2021-08-31

Summary

All versions of package transpile are vulnerable to Denial of Service (DoS) due to a lack of input sanitization or whitelisting, coupled with improper exception handling in the .to() function.

Vulnerable Configurations

Part	Description	Count
Application	Transpile_Project Transpile Project Transpile *	1

Common Weakness Enumeration (CWE)

CWE-755 - Improper Handling of Exceptional Conditions

References

https://github.com/stealjs/transpile/blob/56aaeb26f69496e45a60c03dc92653d53021d4ac/main.js%23L53
https://snyk.io/vuln/SNYK-JS-TRANSPILE-1290774