175 matches found
CVE-2022-21227
The package sqlite3 before 5.0.3 are vulnerable to Denial of Service DoS which will invoke the toString function of the passed parameter. If passed an invalid Function object it will throw and crash the V8 engine...
DEBIAN-CVE-2022-21227
The package sqlite3 before 5.0.3 are vulnerable to Denial of Service DoS which will invoke the toString function of the passed parameter. If passed an invalid Function object it will throw and crash the V8 engine...
CVE-2022-21227
The package sqlite3 before 5.0.3 are vulnerable to Denial of Service DoS which will invoke the toString function of the passed parameter. If passed an invalid Function object it will throw and crash the V8 engine...
UBUNTU-CVE-2022-21227
The package sqlite3 before 5.0.3 are vulnerable to Denial of Service DoS which will invoke the toString function of the passed parameter. If passed an invalid Function object it will throw and crash the V8 engine...
CVE-2022-21144
This affects all versions of package libxmljs. When invoking the libxmljs.parseXml function with a non-buffer argument the V8 code will attempt invoking the .toString method of the argument. If the argument's toString value is not a Function object V8 will crash...
CVE-2022-21227
The package sqlite3 before 5.0.3 are vulnerable to Denial of Service DoS which will invoke the toString function of the passed parameter. If passed an invalid Function object it will throw and crash the V8 engine...
GHSA-32J9-6QQM-MQ9G Unhandled case in node-lmdb
The package node-lmdb before 0.9.7 is vulnerable to Denial of Service DoS when defining a non-invokable ToString value, which will cause a crash during type check...
CVE-2022-21164
The package node-lmdb before 0.9.7 are vulnerable to Denial of Service DoS when defining a non-invokable ToString value, which will cause a crash during type check...
node-lmdb 安全漏洞
node-lmdb is a node.js binding for LMDB by the individual developer Timur Kristof of Hungary. A security vulnerability exists in node-lmdb that stems from node-lmdb's susceptibility to denial-of-service DoS attacks when defining uncallable ToString values. Successful exploitation will result in a...
Denial of Service (DoS)
Overview posix is a missing POSIX system calls for Node. Affected versions of this package are vulnerable to Denial of Service DoS. When invoking the toString method, it will fallback to 0x0 value, as the value of toString is not invokable not a function, and then it will crash with type-check. P...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS which will invoke the toString function of the passed parameter. If passed an invalid Function object it will throw and crash the V8 engine. PoC js let sqlite3 = require'sqlite3'.verbose; let db = new...
OSV-2021-1678 Heap-buffer-overflow in flatbuffers::EscapeString
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42244 Crash type: Heap-buffer-overflow READ 1 Crash state: flatbuffers::EscapeString flexbuffers::Reference::ToString void flexbuffers::AppendToString...
Deserialization of Untrusted Data in Spring AMQP
In Spring AMQP versions 2.2.0 - 2.2.19 and 2.3.0 - 2.3.11, the Spring AMQP Message object, in its toString method, will create a new String object from the message body, regardless of its size. This can cause an OOM Error with a large message...
GHSA-945Q-CH46-PCHG Deserialization of Untrusted Data in Spring AMQP
In Spring AMQP versions 2.2.0 - 2.2.19 and 2.3.0 - 2.3.11, the Spring AMQP Message object, in its toString method, will create a new String object from the message body, regardless of its size. This can cause an OOM Error with a large message...
CVE-2021-22095
In Spring AMQP versions 2.2.0 - 2.2.19 and 2.3.0 - 2.3.11, the Spring AMQP Message object, in its toString method, will create a new String object from the message body, regardless of its size. This can cause an OOM Error with a large message...
UBUNTU-CVE-2021-22095
In Spring AMQP versions 2.2.0 - 2.2.19 and 2.3.0 - 2.3.11, the Spring AMQP Message object, in its toString method, will create a new String object from the message body, regardless of its size. This can cause an OOM Error with a large message...
CVE-2021-22095
In Spring AMQP versions 2.2.0 - 2.2.19 and 2.3.0 - 2.3.11, the Spring AMQP Message object, in its toString method, will create a new String object from the message body, regardless of its size. This can cause an OOM Error with a large message...
Spring AMQP 代码问题漏洞
Spring AMQP is the application of core Spring concepts to the development of AMQP-based messaging solutions. A security vulnerability exists in Spring AMQP versions 2.2.0 - 2.2.19 and 2.3.0 - 2.3.11, which stems from the Spring AMQP Message object in its toString method, which will create a new...
Spring AMQP 代码问题漏洞
Spring AMQP is the application of core Spring concepts to the development of AMQP-based messaging solutions. Spring AMQP suffers from a security vulnerability that stems from a Spring AMQP Message object that will deserialize a message body with content type application x-java-serialized-object i...
GHSA-QVM7-23CJ-437V Remote Code Execution in Apache Dubbo
Some component in Dubbo will try to print the formated string of the input arguments, which will possibly cause RCE for a maliciously customized bean with special toString method. In the latest version, we fix the toString call in timeout, cache and some other places. Fixed in Apache Dubbo 2.7.13...