Denial Of Service (DoS)

2023-01-0414:11:05

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

denial of service

github

sajari

docconv

vulnerability

unbounded memory consumption

application crash

software

0.002 Low

EPSS

Percentile

52.1%

JSON

github.com/sajari/docconv is vulnerable to denial of service. The vulnerability exists in multiple functions due to unbounded memory consumption which allows an attacker to cause an application crash.

CPENameOperatorVersion
github.com/sajari/docconvlev1.2.0
github.com/sajari/docconvlev1.2.0

CPE	Name	Operator	Version
	github.com/sajari/docconv	le	v1.2.0
	github.com/sajari/docconv	le	v1.2.0

References

github.com/advisories/GHSA-qvx2-59g8-8hph

github.com/sajari/docconv/commit/42bcff666855ab978e67a9041d0cdea552f20301

github.com/sajari/docconv/pull/111

github.com/sajari/docconv/releases/tag/v1.2.1

vuldb.com/?ctiid.216779

vuldb.com/?id.216779

0.002 Low

EPSS

Percentile

52.1%

JSON

Related for VERACODE:38766