Description
This affects the package chrono-node before 2.2.4. It hangs on a date-like string with lots of embedded spaces.
Remediation
References
https://github.com/wanasit/chrono/issues/382
https://github.com/wanasit/chrono/commit/98815b57622443b5c498a427210ebd603d705f4c
https://snyk.io/vuln/SNYK-JS-CHRONONODE-1083228
Related Vulnerabilities
CVE-2023-46122 Vulnerability in maven package org.scala-sbt:sbt
CVE-2023-1784 Vulnerability in maven package org.jeecgframework.boot:jeecg-boot-parent
CVE-2021-23327 Vulnerability in maven package org.webjars.npm:apexcharts
CVE-2022-1291 Vulnerability in npm package tableexport.jquery.plugin
CVE-2020-25711 Vulnerability in maven package org.infinispan:infinispan-server-rest