CVE-2021-39131

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2021-39131

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-39131.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-39131

Aliases

GHSA-27wq-qx3q-fxm9

Related

GHSA-27wq-qx3q-fxm9

Published

2021-08-17T23:15:07.507Z

Modified

2025-11-21T23:02:49.378457Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

ced detects character encoding using Google’s compactencdet library. In ced v0.1.0, passing data types other than Buffer causes the Node.js process to crash. The problem has been patched in ced v1.0.0. As a workaround, before passing an argument to ced, verify it’s a Buffer using Buffer.isBuffer(obj).

References

Affected packages

Git / github.com/sonicdoe/ced

Affected ranges

Type: GIT
Repo: https://github.com/sonicdoe/ced
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

2be643baa9626bbe11db075f7b5013bef6488087

Fixed

a4d9f10b6bf1cd468d1a5b9a283cdf437f8bb7b3

Affected versions

v0.*

v0.1.0

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-39131.json"