@chat21/chat21-server (>=0.1.0 <=0.2.54), @coaty/core (>=2.0.0 <=2.0.1) +21 more potentially affected by CVE-2020-13410 via aedes (>=0.11.1 <=0.41.0)

aedes NPM version =0.11.1, =0.1.0, =2.0.0, =2.0.101, =0.0.6, =1.6.0, =1.0.0, =0.1.0, =0.4.9-v, =0.0.1, =0.5.1, =0.0.1, =2.2.7, =1.0.2, =0.2.0, =0.2.1 and more Source cves: CVE-2020-13410 Source advisory: OSV:GHSA-GH78-48H3-FRJQ...

CVE-2019-7154

The main function in tools/wasm2js.cpp in Binaryen 1.38.22 has a heap-based buffer overflow because Emscripten is misused, triggering an error in cashew::JSPrinter::printAst in emscripten-optimizer/simpleast.h. A crafted input can cause segmentation faults, leading to denial-of-service, as...