cve/CVE-2024-21525.md at d6bcaa53f24d3df2dbf6336b03d1d66a29e9f0f3

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-11-28 18:48:49 +00:00

0xMarcio d6bcaa53f2 Update CVE sources 2024-07-25 21:25

2024-07-25 21:25:12 +00:00

Description

All versions of the package node-twain are vulnerable to Improper Check or Handling of Exceptional Conditions due to the length of the source data not being checked. Creating a new twain.TwainSDK with a productName or productFamily, manufacturer, version.info property of length >= 34 chars leads to a buffer overflow vulnerability.

POC

Reference

https://security.snyk.io/vuln/SNYK-JS-NODETWAIN-6421153

Github

https://github.com/dellalibera/dellalibera

896 B Raw Blame History

CVE-2024-21525

Description

POC

Reference

Github

896 B

Raw Blame History