Description
detect-character-encoding is a package for detecting character encoding using ICU. In detect-character-encoding v0.3.0 and earlier, allocated memory is not released. The problem has been patched in detect-character-encoding v0.3.1.
Remediation
References
https://github.com/sonicdoe/detect-character-encoding/security/advisories/GHSA-5rwj-j5m3-3chj
https://github.com/sonicdoe/detect-character-encoding/pull/6
https://github.com/sonicdoe/detect-character-encoding/releases/tag/v0.3.1
https://github.com/sonicdoe/detect-character-encoding/commit/d44356927b92e3b13e178071bf6d7c671766f588
Related Vulnerabilities
CVE-2022-31160 Vulnerability in maven package org.webjars.bowergithub.jquery:jquery-ui
CVE-2020-28447 Vulnerability in npm package xopen
CVE-2022-31183 Vulnerability in maven package co.fs2:fs2-io_sjs1_2.12
CVE-2021-44684 Vulnerability in npm package github-todos
CVE-2023-47324 Vulnerability in maven package org.silverpeas.core:silverpeas-core-api