ID |
CVE-2024-21525
|
Summary |
All versions of the package node-twain are vulnerable to Improper Check or Handling of Exceptional Conditions due to the length of the source data not being checked. Creating a new twain.TwainSDK with a productName or productFamily, manufacturer, version.info property of length >= 34 chars leads to a buffer overflow vulnerability. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | None |
Impact: | |
Exploitability: | |
|
Access |
Vector | Complexity | Authentication |
|
|
|
|
Impact |
Confidentiality | Integrity | Availability |
|
|
|
|
Last major update |
11-07-2024 - 13:05 |
Published |
10-07-2024 - 05:15 |
Last modified |
11-07-2024 - 13:05 |