fast-string-search

npm2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting fast-string-searchpage 1 of 1

CVE-2022-22138HIGHCVSS 7.5EG 7.5
2022-06-17
All versions of package fast-string-search are vulnerable to Denial of Service (DoS) when computations are incorrect for non-string inputs. One can cause the V8 to attempt reading from non-permitted locations and cause a segmentation fault…
CVE-2022-25872MEDIUMCVSS 5.3EG 5.3
2022-06-17
All versions of package fast-string-search are vulnerable to Out-of-bounds Read due to incorrect memory freeing and length calculation for any non-string input as the source. This allows the attacker to read previously allocated memory.

Check whether fast-string-search is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for fast-string-search CVEs against the assets you own.

Start Free Scan →