{"id":"GHSA-wgfq-7857-4jcc","summary":"Uncontrolled Resource Consumption in json-bigint","details":"Prototype pollution in json-bigint npm package \u003c 1.0.0 may lead to a denial-of-service (DoS) attack.","aliases":["CVE-2020-8237"],"modified":"2023-11-08T04:04:15.903445Z","published":"2021-05-07T16:47:19Z","database_specific":{"github_reviewed_at":"2021-04-28T16:57:11Z","nvd_published_at":"2020-09-18T21:15:00Z","severity":"HIGH","github_reviewed":true,"cwe_ids":["CWE-400"]},"references":[{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-8237"},{"type":"WEB","url":"https://hackerone.com/reports/916430"}],"affected":[{"package":{"name":"json-bigint","ecosystem":"npm","purl":"pkg:npm/json-bigint"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.0.0"}]}],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/05/GHSA-wgfq-7857-4jcc/GHSA-wgfq-7857-4jcc.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}