CVE-2022-21164

High

The package node-lmdb before 0.9.7 are vulnerable to Denial of Service (DoS) when defining a non-invokable ToString value, which will cause…

snyk·NVD-CWE-noinfo·Published 2022-03-16

CVSS

7.5

EPSS

0.01

KEV

Exploits

cve.orgen

166 chars

The package node-lmdb before 0.9.7 are vulnerable to Denial of Service (DoS) when defining a non-invokable ToString value, which will cause a crash during type check.

NVDen

166 chars

The package node-lmdb before 0.9.7 are vulnerable to Denial of Service (DoS) when defining a non-invokable ToString value, which will cause a crash during type check.

OSV.deven

167 chars

The package node-lmdb before 0.9.7 is vulnerable to Denial of Service (DoS) when defining a non-invokable `ToString` value, which will cause a crash during type check.

GHSAen

167 chars

The package node-lmdb before 0.9.7 is vulnerable to Denial of Service (DoS) when defining a non-invokable `ToString` value, which will cause a crash during type check.

NVDes

206 chars

El paquete node-lmdb versiones anteriores a 0.9.7, es vulnerable a una denegación de servicio (DoS) cuando es definido un valor ToString no invocable, lo que causará un fallo durante la comprobación de tipo

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P
3.1	Primary	NVD	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H