Risk Rating: Medium
Category Security: Misconfiguration
Description: The application performs some repetitive task in a loop, and defines the number of times to perform the loop according to user input. A very high value could cause the application to get stuck in the loop and to be unable to continue to other operations.
Impact: An attacker could input a very high value, potentially causing a denial of service (DoS).
Remediation:
Recommendation: Ideally, don’t base a loop on user-provided data. If it is necessary to do so, the user input must be first validated and its range should be limited.
Findings:
The following screenshot contains the finding related to this file:
https://github.com/videojs/mux.js/blob/v7.1.0/lib/m2ts/metadata-stream.js#L187
