CVE-2021-23429
MEDIUMtranspile - Denial of Service via Improper Exception Handling in .to() Function
Title source: llmDescription
All versions of package transpile are vulnerable to Denial of Service (DoS) due to a lack of input sanitization or whitelisting, coupled with improper exception handling in the .to() function.
References (2)
Core 2
Core References
Exploit, Third Party Advisory x_refsource_misc
https://snyk.io/vuln/SNYK-JS-TRANSPILE-1290774
Broken Link x_refsource_misc
https://github.com/stealjs/transpile/blob/56aaeb26f69496e45a60c03dc92653d53021d4ac/main.js%23L53
Scores
CVSS v3
6.5
EPSS
0.0098
EPSS Percentile
57.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Details
CWE
CWE-755
Status
published
Products (2)
npm/transpile
0npm
transpile_project/transpile
Published
Aug 24, 2021
Tracked Since
Feb 18, 2026