184 matches found
Twig security vulnerability
Twig is a PHP template engine open-sourced by Twig. Twig has a security vulnerability that stems from the fact that when an object is part of an array or parameter list in a sandbox, an attacker can call the toString method on the object even if the security policy does not allow it...
PT-2024-40582 · Git +1 · Maven-Model
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A security exception crash was reported, involving the java.base/java.util.Arrays.copyOfRange, java.base/java.lang.StringUTF16.newString, and...
OSV-2024-955 Use-of-uninitialized-value in pcpp::IPv6Address::toString
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42536479 Crash type: Use-of-uninitialized-value Crash state: pcpp::IPv6Address::toString pcpp::NDPNeighborSolicitationLayer::toString pcpp::Packet::toStringList...
OSV-2024-954 Use-of-uninitialized-value in pcpp::MplsLayer::toString
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68950 Crash type: Use-of-uninitialized-value Crash state: pcpp::MplsLayer::toString FuzzTarget.cpp pcpp::RawPacket::RawPacket...
OSV-2024-816 Use-of-uninitialized-value in pcpp::SSLClientHelloMessage::ClientHelloTLSFingerprint::toString
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69006 Crash type: Use-of-uninitialized-value Crash state: pcpp::SSLClientHelloMessage::ClientHelloTLSFingerprint::toString pcpp::SSLClientHelloMessage::ClientHelloTLSFingerprint::toStringAndMD5...
PT-2024-40892 · Git +1 · Pcapplusplus
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow READ 16 crash has been reported. The crash occurs in the pcpp::NDPNeighborAdvertisementLayer::toString function, which is called b...
CVE-2024-21524
All versions of the package node-stringbuilder are vulnerable to Out-of-bounds Read due to incorrect memory length calculation, by calling ToBuffer, ToString, or CharAt on a StringBuilder object with a non-empty string value input. It's possible to return previously allocated memory, for example,...
CVE-2024-21521
All versions of the package @discordjs/opus are vulnerable to Denial of Service (DoS) due to providing an input object with a property toString to several different functions. Exploiting this vulnerability could lead to a system crash...
CVE-2024-21521
CVE-2024-21521 affects the @discordjs/opus package (native bindings to libopus). The vulnerability arises when an input object with a toString property is passed to several functions, potentially causing a system crash (DoS). If exploiting details are provided, they would be consistent with a Den...
opus security breach
opus is an open source native binding to libopus v1.3 by discord.js. A security vulnerability exists in opus that stems from supplying input objects with the toString attribute to several different functions, making it susceptible to denial of service (DoS) attacks...
PT-2024-18938 · Npm · Node-Stringbuilder
Name of the Vulnerable Software and Affected Versions: node-stringbuilder versions all Description: The issue arises from incorrect memory length calculation in the node-stringbuilder package, leading to an Out-of-bounds Read. This occurs when methods such as ToBuffer, ToString, or CharAt are...
PT-2024-18935 · Unknown · @Discordjs/Opus
Name of the Vulnerable Software and Affected Versions: @discordjs/opus versions all Description: The issue is related to a Denial of Service (DoS) condition that can occur when an input object with a toString property is provided to several different functions. This can lead to a system or process...
Denial of Service (DoS)
Overview: @discordjs/opus is a native binding to libopus. Affected versions of this package are vulnerable to Denial of Service (DoS) due to providing an input object with a property toString to several different functions. Exploiting this vulnerability could lead to a system crash. Details: Denial ...
GHSA-HHR9-RH25-HVF9 Feathers socket handler allows abusing implicit toString
Impact: Feathers socket handler did not catch invalid string conversion errors like const message = `${{ toString: '' }}`, causing the NodeJS process to crash when sending an unexpected Socket.io message like socket.emit('find', { toString: '' }). Patches: A fix has been released in - v5.0.8 via 3241 -...
CVE-2023-37899 feathersjs socket handler allows abusing implicit toString
Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaScript. Feathers socket handler did not catch invalid string conversion errors like const message = `${{ toString: '' }}` which would cause the NodeJS process to crash when sending an unexpected Socket.io...
sqlite vulnerable to code execution due to Object coercion
Impact: Due to the underlying implementation of .ToString, it's possible to execute arbitrary JavaScript, or to achieve a denial-of-service, if a binding parameter is a crafted Object. Users of sqlite3 v5.0.0 - v5.1.4 are affected by this. Patches: Fixed in v5.1.5. All users are recommended to...
SUSE CVE-2005-0141
Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to load local files via links "with a custom getter and toString method" that are middle-clicked by the user to be opened in a new tab...
SUSE CVE-2013-0748
The XBL.proto.toString implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 makes it easier for remote attackers to bypass the ASLR...