Lucene search
K

7 matches found

SUSE CVE
SUSE CVE
added 2023/10/17 12:59 a.m.4 views

SUSE CVE-2023-39332

Various node:fs functions allow specifying paths as either strings or Uint8Array objects. In Node.js environments, the Buffer class extends the Uint8Array class. Node.js prevents path traversal through strings see CVE-2023-30584 and Buffer objects see CVE-2023-32004, but not through non-Buffer...

7.5CVSS7.9AI score0.01819EPSS
Exploits0References3
OSV
OSV
added 2022/05/03 12:0 a.m.4 views

GHSA-773H-W45W-F2F9 Denial of service vulnerability exists in libxmljs

libxmljs provides libxml bindings for v8 javascript engine. This affects all versions of package libxmljs. When invoking the libxmljs.parseXml function with a non-buffer argument the V8 code will attempt invoking the .toString method of the argument. If the argument's toString value is not a...

7.5CVSS7.1AI score0.01784EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2022/05/03 12:0 a.m.21 views

Denial of service vulnerability exists in libxmljs

libxmljs provides libxml bindings for v8 javascript engine. This affects all versions of package libxmljs. When invoking the libxmljs.parseXml function with a non-buffer argument the V8 code will attempt invoking the .toString method of the argument. If the argument's toString value is not a...

7.5CVSS4.6AI score0.01784EPSS
Exploits1References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/05/01 3:20 p.m.8 views

CVE-2022-21144

This affects all versions of package libxmljs. When invoking the libxmljs.parseXml function with a non-buffer argument the V8 code will attempt invoking the .toString method of the argument. If the argument's toString value is not a Function object V8 will crash...

7.5CVSS7.2AI score0.01784EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2022/05/01 12:0 a.m.10 views

PT-2022-14877 · Npm · Libxmljs

Name of the Vulnerable Software and Affected Versions: libxmljs versions all Description: The issue arises when the libxmljs.parseXml function is invoked with a non-buffer argument. In such cases, the V8 code attempts to call the toString method of the argument. If the argument's toString value i...

7.5CVSS7.4AI score0.01784EPSS
Exploits1References9
Snyk
Snyk
added 2022/01/20 2:26 p.m.6 views

Denial of Service (DoS)

Overview libxmljs is a libxml bindings for v8 javascript engine Affected versions of this package are vulnerable to Denial of Service DoS. When invoking the libxmljs.parseXml function with a non-buffer argument the V8 code will attempt invoking the .toString method of the argument. If the...

7.5CVSS6.9AI score0.01784EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/08/17 12:0 a.m.5 views

Github ced 输入验证错误漏洞

Github ced is a software application. Character encoding is detected using Google's compactencdet library. An Input Validation Error vulnerability exists in Github ced that stems from the product not doing valid validation of user input data types. An attacker could cause a Nodejs process to cras...

7.5CVSS7.3AI score0.01891EPSS
Exploits1References4
Rows per page
Query Builder