Lucene search
K

4 matches found

OSV
OSV
added 2019/06/03 5:26 p.m.2 views

GHSA-G74R-FFVR-5Q9F Memory Exposure in concat-stream

Versions of concat-stream before 1.5.2 are vulnerable to memory exposure if userp provided input is passed into write Versions 1.3.0 are not affected due to not using unguarded Buffer constructor. Recommendation Update to version 1.5.2, 1.4.11, 1.3.2 or later. If you are unable to update make sur...

5.9AI score
Exploits0References4
vulnersOsv
vulnersOsv
added 2019/06/03 5:26 p.m.34 views

09-nodejs (=1.0.0), 11.17r (=1.0.0) +1749 more potentially affected by unknown CVE via concat-stream (>=1.5.0 <=1.5.1)

concat-stream NPM version =1.5.0, =0.0.1, =1.0.1, =0.0.2, =0.0.1, =0.1.0, =0.1.0, =1.0.1-0.beta.1, =1.0.0-beta.1, =1.1.5-beta.4 - @arezooq/webserverpackage =1.0.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-G74R-FFVR-5Q9F...

5.7AI score
Exploits0
vulnersOsv
vulnersOsv
added 2019/06/03 5:26 p.m.3 views

fis-nm (>=1.0.0 <=1.0.3), fis-packager-autopack (>=0.0.19 <=0.2.1) +6 more potentially affected by unknown CVE via concat-stream (=1.4.1)

concat-stream NPM version =1.4.1 is affected by a known vulnerability. The following packages have a transitive dependency on concat-stream and may be impacted: - fis-nm =1.0.0, =0.0.19, =0.0.1, =0.0.1, =0.0.5, =0.0.6, =0.4.1, =0.4.0, =0.4.1 Source cves: unknown CVE Source advisory:...

5.8AI score
Exploits0
Github Security Blog
Github Security Blog
added 2019/06/03 5:26 p.m.22 views

Memory Exposure in concat-stream

Versions of concat-stream before 1.5.2 are vulnerable to memory exposure if userp provided input is passed into write Versions 1.3.0 are not affected due to not using unguarded Buffer constructor. Recommendation Update to version 1.5.2, 1.4.11, 1.3.2 or later. If you are unable to update make sur...

4AI score
Exploits0References5Affected Software1
Rows per page
Query Builder