Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveSnykCVE-2022-21144
HistoryMay 01, 2022 - 4:15 p.m.

CVE-2022-21144

2022-05-0116:15:07
CWE-20
snyk
web.nvd.nist.gov
60
2
vulnerability
cve-2022-21144
libxmljs
v8
code crash
nvd

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.002

Percentile

55.9%

JSON

This affects all versions of package libxmljs. When invoking the libxmljs.parseXml function with a non-buffer argument the V8 code will attempt invoking the .toString method of the argument. If the argument’s toString value is not a Function object V8 will crash.

Affected configurations

Nvd
Node
libxmljs_projectlibxmljsRange<0.19.8node.js
VendorProductVersionCPE
libxmljs_projectlibxmljs*cpe:2.3:a:libxmljs_project:libxmljs:*:*:*:*:*:node.js:*:*

CNA Affected

[
  {
    "product": "libxmljs",
    "vendor": "n/a",
    "versions": [
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Social References

More

Related

veracode 2
prion 1
cvelist 1
osv 2
nvd 1
github 1
veracode
veracode
Denial Of Service (DoS)
2022-05-05 07:42:17
Denial Of Service (DoS)
2022-05-06 14:40:41
prion
prion
Code injection
2022-05-01 16:15:00
cvelist
cvelist
CVE-2022-21144 Denial of Service (DoS)
2022-05-01 15:25:10
osv
osv
Denial of service vulnerability exists in libxmljs
2022-05-03 00:00:46
CVE-2022-21144
2022-05-01 16:15:07
nvd
nvd
CVE-2022-21144
2022-05-01 16:15:07
github
github
Denial of service vulnerability exists in libxmljs
2022-05-03 00:00:46

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.002

Percentile

55.9%

JSON
Related for CVE-2022-21144
veracode2prion1cvelist1osv2nvd1github1