Filtered by vendor Ebradyjobory
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-56571 | 1 Ebradyjobory | 1 Finance.js | 2025-10-08 | N/A | 7.5 HIGH |
| Finance.js v4.1.0 contains a Denial of Service (DoS) vulnerability via the IRR function’s depth parameter. Improper handling of the recursion/iteration limit can lead to excessive CPU usage, causing application stalls or crashes. | |||||
| CVE-2025-56572 | 1 Ebradyjobory | 1 Finance.js | 2025-10-08 | N/A | 7.5 HIGH |
| An issue in finance.js v.4.1.0 allows a remote attacker to cause a denial of service via the seekZero() parameter. | |||||