4 matches found
GHSA-G74R-FFVR-5Q9F Memory Exposure in concat-stream
Versions of concat-stream before 1.5.2 are vulnerable to memory exposure if userp provided input is passed into write Versions 1.3.0 are not affected due to not using unguarded Buffer constructor. Recommendation Update to version 1.5.2, 1.4.11, 1.3.2 or later. If you are unable to update make sur...
09-nodejs (=1.0.0), 11.17r (=1.0.0) +1749 more potentially affected by unknown CVE via concat-stream (>=1.5.0 <=1.5.1)
concat-stream NPM version =1.5.0, =0.0.1, =1.0.1, =0.0.2, =0.0.1, =0.1.0, =0.1.0, =1.0.1-0.beta.1, =1.0.0-beta.1, =1.1.5-beta.4 - @arezooq/webserverpackage =1.0.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-G74R-FFVR-5Q9F...
fis-nm (>=1.0.0 <=1.0.3), fis-packager-autopack (>=0.0.19 <=0.2.1) +6 more potentially affected by unknown CVE via concat-stream (=1.4.1)
concat-stream NPM version =1.4.1 is affected by a known vulnerability. The following packages have a transitive dependency on concat-stream and may be impacted: - fis-nm =1.0.0, =0.0.19, =0.0.1, =0.0.1, =0.0.5, =0.0.6, =0.4.1, =0.4.0, =0.4.1 Source cves: unknown CVE Source advisory:...
Memory Exposure in concat-stream
Versions of concat-stream before 1.5.2 are vulnerable to memory exposure if userp provided input is passed into write Versions 1.3.0 are not affected due to not using unguarded Buffer constructor. Recommendation Update to version 1.5.2, 1.4.11, 1.3.2 or later. If you are unable to update make sur...