CVE-2022-21144, GHSA-773h-w45w-f2f9
npm/libxmljs
Denial of service vulnerability exists in libxmljs
This affects all versions of package libxmljs. When invoking the libxmljs.parseXml function with a non-buffer argument the V8 code will attempt invoking the .toString method of the argument. If the argument's toString value is not a Function object V8 will crash.
All versions before 0.19.8
Upgrade to version 0.19.8 or above.
2022-05-05
source |