Skip to main content

Uncaught Exception

CVE-2022-21227

Severity High
Score 7.5/10

Summary

The package sqlite3 5.0.x before 5.0.3 are vulnerable to Denial of Service (DoS) which will invoke the toString function of the passed parameter. If passed an invalid Function object it will throw and crash the V8 engine.

  • LOW
  • NETWORK
  • NONE
  • UNCHANGED
  • NONE
  • NONE
  • NONE
  • HIGH

CWE-248 - Uncaught Exception

An exception is thrown from a function, but it is not caught.

Advisory Timeline

  • Published