2 matches found
CVE-2022-21227
The package sqlite3 before 5.0.3 are vulnerable to Denial of Service DoS which will invoke the toString function of the passed parameter. If passed an invalid Function object it will throw and crash the V8 engine...
PT-2022-14877 · Npm · Libxmljs
Name of the Vulnerable Software and Affected Versions: libxmljs versions all Description: The issue arises when the libxmljs.parseXml function is invoked with a non-buffer argument. In such cases, the V8 code attempts to call the toString method of the argument. If the argument's toString value i...