4 matches found
CVE-2023-2512
Prior to version v1.20230419.0, the FormData API implementation was subject to an integer overflow. If a FormData instance contained more than 2^31 elements, the forEach method could end up reading from the wrong location in memory while iterating over elements. This would most likely lead to a...
@miniflare/tre (=3.0.0-next.14), miniflare (>=0.20230628.0 <=0.20230908.0) +1 more potentially affected by CVE-2023-2512 via workerd (>=0.20230628.0 <=1.20230404.0)
workerd NPM version =0.20230628.0, =0.20230628.0, =0.0.0-3f61892d, =0.0.0-bcdc1fe5 Source cves: CVE-2023-2512 Source advisory: OSV:GHSA-8VX6-69VG-C46F...
CVE-2023-2512
CVE-2023-2512 affects Cloudflare workerd’s FormData API implementation prior to v1.20230419.0, where an integer overflow could occur if a FormData contains more than 2^31 elements. The forEach() iteration could read from the wrong memory location, potentially causing a segmentation fault and, in ...
CVE-2023-2512 Buffer under-read in workerd
Prior to version v1.20230419.0, the FormData API implementation was subject to an integer overflow. If a FormData instance contained more than 2^31 elements, the forEach method could end up reading from the wrong location in memory while iterating over elements. This would most likely lead to a...