Vulnerabilities > CVE-2022-21164 - Unspecified vulnerability in Node-Lmdb Project Node-Lmdb

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

node-lmdb-project

NVD

Published: 2022-03-16

Updated: 2022-03-28

Summary

The package node-lmdb before 0.9.7 are vulnerable to Denial of Service (DoS) when defining a non-invokable ToString value, which will cause a crash during type check.

Vulnerable Configurations

Part	Description	Count
Application	Node-Lmdb_Project Node Lmdb Project Node Lmdb *	1

References

https://github.com/Venemo/node-lmdb/commit/97760104c0fd311206b88aecd91fa1f59fe2b85a
https://snyk.io/vuln/SNYK-JS-NODELMDB-2400723