7 matches found
SUSE CVE-2023-39332
Various node:fs functions allow specifying paths as either strings or Uint8Array objects. In Node.js environments, the Buffer class extends the Uint8Array class. Node.js prevents path traversal through strings see CVE-2023-30584 and Buffer objects see CVE-2023-32004, but not through non-Buffer...
GHSA-773H-W45W-F2F9 Denial of service vulnerability exists in libxmljs
libxmljs provides libxml bindings for v8 javascript engine. This affects all versions of package libxmljs. When invoking the libxmljs.parseXml function with a non-buffer argument the V8 code will attempt invoking the .toString method of the argument. If the argument's toString value is not a...
Denial of service vulnerability exists in libxmljs
libxmljs provides libxml bindings for v8 javascript engine. This affects all versions of package libxmljs. When invoking the libxmljs.parseXml function with a non-buffer argument the V8 code will attempt invoking the .toString method of the argument. If the argument's toString value is not a...
CVE-2022-21144
This affects all versions of package libxmljs. When invoking the libxmljs.parseXml function with a non-buffer argument the V8 code will attempt invoking the .toString method of the argument. If the argument's toString value is not a Function object V8 will crash...
PT-2022-14877 · Npm · Libxmljs
Name of the Vulnerable Software and Affected Versions: libxmljs versions all Description: The issue arises when the libxmljs.parseXml function is invoked with a non-buffer argument. In such cases, the V8 code attempts to call the toString method of the argument. If the argument's toString value i...
Denial of Service (DoS)
Overview libxmljs is a libxml bindings for v8 javascript engine Affected versions of this package are vulnerable to Denial of Service DoS. When invoking the libxmljs.parseXml function with a non-buffer argument the V8 code will attempt invoking the .toString method of the argument. If the...
Github ced 输入验证错误漏洞
Github ced is a software application. Character encoding is detected using Google's compactencdet library. An Input Validation Error vulnerability exists in Github ced that stems from the product not doing valid validation of user input data types. An attacker could cause a Nodejs process to cras...