Filtered by vendor Cross-spawn
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-21538 | 1 Cross-spawn | 1 Cross-spawn | 2024-11-08 | 7.5 High |
| Versions of the package cross-spawn before 7.0.5 are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper input sanitization. An attacker can increase the CPU usage and crash the program by crafting a very large and well crafted string. | ||||
Page 1 of 1.