PT-2021-22414 · Npm · Detect-Character-Encoding

Sonicdoe

·

Published

2021-08-24

·

Updated

2021-09-01

·

CVE-2021-39157

CVSS v3.1

7.5

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions detect-character-encoding versions 0.6.0 and earlier
Description The issue occurs when data matching no charset causes the Node.js process to crash. This problem has been patched in version 0.7.0.
Recommendations For detect-character-encoding versions 0.6.0 and earlier, update to version 0.7.0 to resolve the issue.

Exploit

Fix

Improper Handling of Exceptional Conditions

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-755

Related Identifiers

CVE-2021-39157
GHSA-JQFH-8HW5-FQJR

Affected Products

Detect-Character-Encoding