Homepage

millisecond@0.1.0 vulnerabilities

Convert time strings to milliseconds

  • latest version

    0.1.2

  • latest non vulnerable version

    0.1.2

  • first published

    10 years ago

  • latest version published

    9 years ago

  • licenses detected

  • View millisecond package health on Snyk Advisor  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the millisecond package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Regular Expression Denial of Service (ReDoS)

    Regular expression Denial of Service (ReDoS) vulnerability exists in milliseconds module, affecting version 0.1.1 and below.

    milliseconds, the milliseconds conversion utility is used to convert times to milliseconds. The regular expression used by the function to parse the time is vulnerable to denial of service attack, where extremely long strings that are passed to milliseconds() can take long time to process and as a result block the event loop for that period.

    How to fix Regular Expression Denial of Service (ReDoS)?

    Upgrade to version 0.1.2.

    <0.1.2
    Go back to all versions of this package