Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
All versions of the package node-twain are vulnerable to Improper Check or Handling of Exceptional Conditions due to the length of the source data not being checked. Creating a new twain.TwainSDK with a productName or productFamily, manufacturer, version.info property of length >= 34 chars leads to a buffer overflow vulnerability.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L
Vulnerability Type
对异常条件检查或处理不恰当
Vulnerability Title
node-twain 安全漏洞
Vulnerability Description
node-twain是lossa个人开发者的一个用于 TWAIN nodejs 的 nodejs 客户端 SDK。可以控制实现 TWAIN 协议的扫描仪。 node-twain存在安全漏洞,该漏洞源于未检查源数据的长度,容易受到不当检查或异常情况处理的影响,会导致缓冲区溢出漏洞。
CVSS Information
N/A
Vulnerability Type
N/A