vulnerability

Debian: CVE-2022-21227: node-sqlite3 -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:N/A:P)	May 1, 2022	Jul 30, 2024	Jul 30, 2024

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

May 1, 2022

Added

Jul 30, 2024

Modified

Jul 30, 2024

Description

The package sqlite3 before 5.0.3 are vulnerable to Denial of Service (DoS) which will invoke the toString function of the passed parameter. If passed an invalid Function object it will throw and crash the V8 engine.

Solution

debian-upgrade-node-sqlite3

References

CVE-2022-21227
https://attackerkb.com/topics/CVE-2022-21227

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today