Lucene search
GitHub Advisory DatabaseGHSA-9JH3-4PC9-HQ29HistoryMar 09, 2023 - 6:30 a.m.
node-bluetooth-serial-port is vulnerable to Buffer Overflow via the findSerialPortChannel
2023-03-0906:30:21
CWE-120
GitHub Advisory Database
github.com
4
vulnerable
buffer overflow
findserialportchannel
user input
validation
software
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
56.6%
All versions of the package node-bluetooth-serial-port are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation.
Affected configurations
Node
node-bluetooth-serial-port_projectnode-bluetooth-serial-portRange≤2.2.7node.js
| CPE | Name | Operator | Version |
|---|---|---|---|
| node-bluetooth-serial-port | le | 2.2.7 |
Related
osv
osv
veracode
veracode
Buffer Overflow
2023-03-16 05:40:18
cve
cve
CVE-2023-26109
2023-03-09 05:15:56
prion
prion
Buffer overflow
2023-03-09 05:15:00
cvelist
cvelist
CVE-2023-26109
2023-03-09 05:00:03
nvd
nvd
CVE-2023-26109
2023-03-09 05:15:56
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
56.6%
Related for GHSA-9JH3-4PC9-HQ29