Lucene search
Veracode Vulnerability DatabaseVERACODE:39787HistoryMar 15, 2023 - 5:14 p.m.
Arbitrary Code Execution
2023-03-1517:14:42
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
arbitrary code execution
sqlite3
napi::value
javascript
denial of service
0.003 Low
EPSS
Percentile
68.6%
sqlite3 is vulnerable to Arbitrary Code Execution. The vulnerability exists due to the .ToString() implementation because it calls the napi_coerce_to_string function which can execute JavaScript when passed a crafted Napi::Value object, allowing an attacker to execute arbitrary JavaScript in the browser or cause Denial of Service.
Related
cve
cve
CVE-2022-43441
2023-03-16 21:15:11
ubuntucve
ubuntucve
CVE-2022-43441
2023-03-16 00:00:00
talosblog
talosblog
osv
osv
CVE-2022-43441
2023-03-16 21:15:11
sqlite vulnerable to code execution due to Object coercion
2023-03-13 20:00:52
node-sqlite3 - security update
2023-03-14 00:00:00
nessus
nessus
Debian DSA-5373-1 : node-sqlite3 - security update
2023-03-16 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-5373-1)
2023-03-20 00:00:00
nvd
nvd
CVE-2022-43441
2023-03-16 21:15:11
talos
talos
Ghost Foundation node-sqlite3 code execution vulnerability
2023-03-16 00:00:00
cvelist
cvelist
CVE-2022-43441
2023-03-16 20:14:14
debiancve
debiancve
CVE-2022-43441
2023-03-16 21:15:11
prion
prion
Remote code execution
2023-03-16 21:15:00
debian
debian
[SECURITY] [DSA 5373-1] node-sqlite3 security update
2023-03-14 21:48:34
github
github
sqlite vulnerable to code execution due to Object coercion
2023-03-13 20:00:52
