CVE-2026-42478

An issue was discovered in VrmlDataIndexedFaceSet::TShape in the VRML V2.0 parser in Open CASCADE Technology OCCT V800rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because malformed VRML input can trigger dereference of a corrupt or unvalidated pointe...

Important: nodejs20

Issue Overview: Corrupted pointer in node::fs::ReadFileUtf8const FunctionCallbackInfo& args when args0 is a string, resulting in an unrecoverable memory leak on every call. Repeated use can cause unbounded memory growth, leading to a denial of service. Info:...

Important: nodejs22

Issue Overview: Corrupted pointer in node::fs::ReadFileUtf8const FunctionCallbackInfo& args when args0 is a string, resulting in an unrecoverable memory leak on every call. Repeated use can cause unbounded memory growth, leading to a denial of service. Info:...

nodejs: Memory Leak in Node.js ReadFileUtf8 Binding Leading to DoS

A flaw was found in the ReadFileUtf8 internal binding of Node.js. This vulnerability can allow an attacker to cause an application denial of service via repeated file read operations that trigger an unrecoverable memory leak due to a corrupted pointer in the underlying file system binding...

Updated nodejs packages fix security vulnerabilities

Corrupted pointer in node::fs::ReadFileUtf8const FunctionCallbackInfo& args when args0 is a string. CVE-2025-23165 Improper error handling in async cryptographic operations crashes process. CVE-2025-23166 Improper HTTP header block termination in llhttp. CVE-2025-23167...

CVE-2025-23165

In Node.js, the ReadFileUtf8 internal binding leaks memory due to a corrupted pointer in uvfss.file: a UTF-16 path buffer is allocated but subsequently overwritten when the file descriptor is set. This results in an unrecoverable memory leak on every call. Repeated use can cause unbounded memory...

CVE-2025-23122

CVE-2025-23122 is a duplicate entry of CVE-2025-23165 and is not an active vulnerability on its own. Connected sources provide concrete details for CVE-2025-23165: in Node.js, the ReadFileUtf8 internal binding leaks memory due to a corrupted pointer in uv_fs_s.file when a UTF-16 path buffer is ov...

CVE-2025-23165

In Node.js, the ReadFileUtf8 internal binding leaks memory due to a corrupted pointer in uvfss.file: a UTF-16 path buffer is allocated but subsequently overwritten when the file descriptor is set. This results in an unrecoverable memory leak on every call. Repeated use can cause unbounded memory...

Node.js: Corrupted pointer in node::fs::ReadFileUtf8(const FunctionCallbackInfo<Value>& args) when args[0] is a string.

In Node.js, the ReadFileUtf8 internal binding was found to have a memory leak due to a corrupted pointer in uvfss.file. A UTF-16 path buffer was allocated and subsequently overwritten when the file descriptor was set, leading to an unrecoverable memory leak on every call...

UBUNTU-CVE-2024-38797

EDK2 contains a vulnerability in the HashPeImageByType. A user may cause a read out of bounds when a corrupted data pointer and length are sent via an adjecent network. A successful exploit of this vulnerability may lead to a loss of Integrity and/or Availability...

PT-2025-21252 · Node.Js +4 · Node.Js +4

Name of the Vulnerable Software and Affected Versions: nodejs affected versions not specified Description: The issue is related to a corrupted pointer in the node::fs::ReadFileUtf8const FunctionCallbackInfoValue& args function when the args0 is a string. This is a problem in the nodejs package,...

Astra Linux - уязвимость в nodejs

In Node.js, the ReadFileUtf8 internal binding leaks memory due to a corrupted pointer in uvfss.file: a UTF-16 path buffer is allocated but subsequently overwritten when the file descriptor is set. This results in an unrecoverable memory leak on every call. Repeated use can cause unbounded memory...