CVE-2021-39157

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-39157

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-39157.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-39157

Aliases

GHSA-jqfh-8hw5-fqjr

Related

GHSA-jqfh-8hw5-fqjr

Published

2021-08-24T19:15:32.127Z

Modified

2025-11-20T11:51:12.879580Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

detect-character-encoding is an open source character encoding inspection library. In detect-character-encoding v0.6.0 and earlier, data matching no charset causes the Node.js process to crash. The problem has been patched in detect-character-encoding v0.7.0. No workaround are available and all users should update to resolve this issue.

References

Affected packages

Git / github.com/sonicdoe/detect-character-encoding

Affected ranges

Type: GIT
Repo: https://github.com/sonicdoe/detect-character-encoding
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

992a11007fff6cfd40b952150ab8d30410c4a20a

Affected versions

v0.*

v0.1.0

v0.2.0

v0.2.1

v0.3.0

v0.3.1

v0.4.0

v0.5.0

v0.5.1

v0.6.0

Database specific

vanir_signatures

[
    {
        "digest": {
            "function_hash": "244521284125772824062875955107530677307",
            "length": 1396.0
        },
        "target": {
            "file": "icuWrapper.cpp",
            "function": "NAN_METHOD"
        },
        "deprecated": false,
        "source": "https://github.com/sonicdoe/detect-character-encoding/commit/992a11007fff6cfd40b952150ab8d30410c4a20a",
        "id": "CVE-2021-39157-871caf3a",
        "signature_version": "v1",
        "signature_type": "Function"
    }
]