Описание
Denial of service vulnerability exists in libxmljs
libxmljs provides libxml bindings for v8 javascript engine. This affects all versions of package libxmljs. When invoking the libxmljs.parseXml function with a non-buffer argument the V8 code will attempt invoking the .toString method of the argument. If the argument's toString value is not a Function object V8 will crash.
Пакеты
Наименование
libxmljs
npm
Затронутые версииВерсия исправления
< 0.19.8
0.19.8
Связанные уязвимости
CVSS3: 7.5
nvd
почти 4 года назад
This affects all versions of package libxmljs. When invoking the libxmljs.parseXml function with a non-buffer argument the V8 code will attempt invoking the .toString method of the argument. If the argument's toString value is not a Function object V8 will crash.