Vulnerabilities > CVE-2021-39157 - Improper Handling of Exceptional Conditions vulnerability in Detect-Character-Encoding Project Detect-Character-Encoding

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

detect-character-encoding-project

CWE-755

NVD

Published: 2021-08-24

Updated: 2021-09-01

Summary

detect-character-encoding is an open source character encoding inspection library. In detect-character-encoding v0.6.0 and earlier, data matching no charset causes the Node.js process to crash. The problem has been patched in [detect-character-encoding v0.7.0](https://github.com/sonicdoe/detect-character-encoding/releases/tag/v0.7.0). No workaround are available and all users should update to resolve this issue.

Vulnerable Configurations

Part	Description	Count
Application	Detect-Character-Encoding_Project Detect Character Encoding Project Detect Character Encoding - Detect Character Encoding Project Detect Character Encoding 0.1.0 Detect Character Encoding Project Detect Character Encoding 0.2.0 Detect Character Encoding Project Detect Character Encoding 0.2.1 Detect Character Encoding Project Detect Character Encoding 0.3.0 Detect Character Encoding Project Detect Character Encoding 0.3.1 Detect Character Encoding Project Detect Character Encoding 0.4.0 Detect Character Encoding Project Detect Character Encoding 0.5.0 Detect Character Encoding Project Detect Character Encoding 0.5.1 Detect Character Encoding Project Detect Character Encoding 0.6.0	10

Common Weakness Enumeration (CWE)

CWE-755 - Improper Handling of Exceptional Conditions

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References