Security Advisory

CVE-2021-39131

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-08-17 19:55:09
Last updated 2024-08-04 01:58:17
Assigner GitHub_M
State PUBLISHED

Description

ced detects character encoding using Google’s compact_enc_det library. In ced v0.1.0, passing data types other than `Buffer` causes the Node.js process to crash. The problem has been patched in ced v1.0.0. As a workaround, before passing an argument to ced, verify it’s a `Buffer` using `Buffer.isBuffer(obj)`.