English
Français
Light
Dark
System

Alert System

Stay informed at all times
Create an account Open a free account Login Manage your alerts

Bufferlist Project Bufferlist 0.6.0 for Node.js

CPE Details

Bufferlist Project Bufferlist 0.6.0 for Node.js
bufferlist_project
bufferlist
0.6.0
2020-11-03 17:56 +00:00
2020-11-03 17:56 +00:00
CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.
Alert management

CPE Name: cpe:2.3:a:bufferlist_project:bufferlist:0.6.0:*:*:*:*:node.js:*:*

Informations

Vendor

bufferlist_project

Product

bufferlist

Version

0.6.0

Target Software

node.js

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-8244 2020-08-30 11:43 +00:00 A buffer over-read vulnerability exists in bl <4.0.3, <3.0.1, <2.2.1, and <1.2.3 which could allow an attacker to supply user input (even typed) that if it ends up in consume() argument and can become negative, the BufferList state can be corrupted, tricking it into exposing uninitialized memory via regular .slice() calls.
6.5
MEDIUM

More information
Click on the button to the left (OFF), to authorize the inscription of cookie improving the functionalities of the site. Click on the button to the left (Accept all), to unauthorize the inscription of cookie improving the functionalities of the site.