Nakah

**Name of the Vulnerable Software and Affected Versions** Finance.js versions 4.1.0 **Description** A flaw exists in Finance.js version 4.1.0 that can lead to a Denial of Service (DoS). This occurs due to improper handling of recursion/iteration limits within the IRR function’s depth parameter, potentially causing excessive CPU usage and resulting in application stalls or crashes. The seekZero() parameter can also be exploited to cause a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** finance.js version 4.1.0 **Description** An issue allows a remote attacker to cause a denial of service via the `seekZero()` parameter. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.