Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A code execution vulnerability exists in the Statement Bindings functionality of Ghost Foundation node-sqlite3 5.1.1. A specially-crafted Javascript file can lead to arbitrary code execution. An attacker can provide malicious input to trigger this vulnerability.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
CWE-915
Vulnerability Title
node-sqlite3 安全漏洞
Vulnerability Description
node-sqlite3是基于Node.js的异步、非阻塞SQLite3接口库。 node-sqlite3 存在安全漏洞,该漏洞源于如果绑定参数是精心设计的对象,则 Node.js 的 SQLite3 绑定容易受到执行任意 JavaScript 代码的影响。
CVSS Information
N/A
Vulnerability Type
N/A