Lucene search
K

4 matches found

NVD
NVD
added 2022/06/17 8:15 p.m.16 views

CVE-2022-25872

All versions of package fast-string-search are vulnerable to Out-of-bounds Read due to incorrect memory freeing and length calculation for any non-string input as the source. This allows the attacker to read previously allocated memory...

5.3CVSS0.01068EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/06/17 8:5 p.m.26 views

CVE-2022-25872 Out-of-bounds Read

All versions of package fast-string-search are vulnerable to Out-of-bounds Read due to incorrect memory freeing and length calculation for any non-string input as the source. This allows the attacker to read previously allocated memory...

5.3CVSS5.5AI score0.01068EPSS
Exploits1References2
CVE
CVE
added 2022/06/17 8:5 p.m.65 views

CVE-2022-25872

The CVE-2022-25872 entry concerns the npm package fast-string-search. The vulnerability is an out-of-bounds read caused by incorrect memory freeing and length calculation when the source input is not a string, allowing access to previously allocated memory. Affected component is the fast-string-s...

5.3CVSS5.2AI score0.01068EPSS
Exploits1References2Affected Software1
vulnersOsv
vulnersOsv
added 2022/02/03 7:51 a.m.6 views

express-check-introspection-key (=1.0.0), leapfin-exercise (>=1.0.0 <=1.1.1) +1 more potentially affected by CVE-2022-25872 via fast-string-search (=1.4.4)

fast-string-search NPM version =1.4.4 is affected by a known vulnerability. The following packages have a transitive dependency on fast-string-search and may be impacted: - express-check-introspection-key =1.0.0 - leapfin-exercise =1.0.0, =0.0.1, =0.0.2-beta.0 Source cves: CVE-2022-25872 Source...

5.3CVSS6AI score0.01068EPSS
Exploits1
Rows per page
Query Builder