CVE-2022-21144 in libxmljsinformazioni

Riassunto

di MITRE • 01/05/2022

This affects all versions of package libxmljs. When invoking the libxmljs.parseXml function with a non-buffer argument the V8 code will attempt invoking the .toString method of the argument. If the argument's toString value is not a Function object V8 will crash.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsabile

Snyk

Prenotare

24/02/2022

Divulgazione

01/05/2022

Moderazione

accettato

Voce

VDB-198764

CPE

pronto

CWE

CWE-120 (confermato)

CVSS

7.5 (CNA)

EPSS

0.01784

KEV

Attività

molto basso

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2022-21144
NVD	https://nvd.nist.gov/vuln/detail/CVE-2022-21144
CVE Details	https://www.cvedetails.com/cve/CVE-2022-21144/

◂ Precedente Visione D'ensemble Il prossimo ▸

Interested in the pricing of exploits?

See the underground prices here!