CVE-2026-32630
- EPSS 0.05%
- Veröffentlicht 13.03.2026 20:54:16
- Zuletzt bearbeitet 17.03.2026 19:05:56
file-type detects the file type of a file, stream, or data. From 20.0.0 to 21.3.1, a crafted ZIP file can trigger excessive memory growth during type detection in file-type when using fileTypeFromBuffer(), fileTypeFromBlob(), or fileTypeFromFile(). T...
CVE-2026-31808
- EPSS 0.03%
- Veröffentlicht 10.03.2026 21:01:55
- Zuletzt bearbeitet 18.03.2026 19:48:13
file-type detects the file type of a file, stream, or data. Prior to 21.3.1, a denial of service vulnerability exists in the ASF (WMV/WMA) file type detection parser. When parsing a crafted input where an ASF sub-header has a size field of zero, the ...
CVE-2022-36313
- EPSS 0.17%
- Veröffentlicht 21.07.2022 16:15:09
- Zuletzt bearbeitet 17.03.2026 19:18:04
An issue was discovered in the file-type package before 16.5.4 and 17.x before 17.1.3 for Node.js. A malformed MKV file could cause the file type detector to get caught in an infinite loop. This would make the application become unresponsive and coul...