Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Denial of Service (DoS)
Vulnerability Description
This affects all versions of package libxmljs. When invoking the libxmljs.parseXml function with a non-buffer argument the V8 code will attempt invoking the .toString method of the argument. If the argument's toString value is not a Function object V8 will crash.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
N/A
Vulnerability Title
libxmljs 输入验证错误漏洞
Vulnerability Description
libxmljs是node.js的 LibXML 绑定。 libxmljs 包的所有版本存在输入验证错误漏洞,该漏洞源于调用非缓冲区参数时,V8代码将尝试调用该参数的.tostring方法。如果参数的toString值不是Function对象,V8会崩溃。
CVSS Information
N/A
Vulnerability Type
N/A