4 matches found
CVE-2022-25872
All versions of package fast-string-search are vulnerable to Out-of-bounds Read due to incorrect memory freeing and length calculation for any non-string input as the source. This allows the attacker to read previously allocated memory...
CVE-2022-25872 Out-of-bounds Read
All versions of package fast-string-search are vulnerable to Out-of-bounds Read due to incorrect memory freeing and length calculation for any non-string input as the source. This allows the attacker to read previously allocated memory...
CVE-2022-25872
The CVE-2022-25872 entry concerns the npm package fast-string-search. The vulnerability is an out-of-bounds read caused by incorrect memory freeing and length calculation when the source input is not a string, allowing access to previously allocated memory. Affected component is the fast-string-s...
express-check-introspection-key (=1.0.0), leapfin-exercise (>=1.0.0 <=1.1.1) +1 more potentially affected by CVE-2022-25872 via fast-string-search (=1.4.4)
fast-string-search NPM version =1.4.4 is affected by a known vulnerability. The following packages have a transitive dependency on fast-string-search and may be impacted: - express-check-introspection-key =1.0.0 - leapfin-exercise =1.0.0, =0.0.1, =0.0.2-beta.0 Source cves: CVE-2022-25872 Source...