When parsing a string to a BigDecimal or BigInteger in Java, or BigInt in JavaScript, are there any known security issues around this? Like if you take in the string without validating it's just numbers, is there any risk?
Are there any known CVEs around this?