12 matches found
EUVD-2024-2343
Malicious code in bioql PyPI...
CVE-2024-21524
All versions of the package node-stringbuilder are vulnerable to Out-of-bounds Read due to incorrect memory length calculation, by calling ToBuffer, ToString, or CharAt on a StringBuilder object with a non-empty string value input. It's possible to return previously allocated memory, for example,...
Out-of-bounds Read
node-stringbuilder is vulnerable to Out-of-bounds Read. The vulnerability is due to incorrect memory length calculation when calling ToBuffer, ToString, or CharAt on a StringBuilder object with a non-empty string value input. An attacker can return previously allocated memory by providing negativ...
@persistr/cli (>=2.7.1 <=2.9.1), spidersharkcli (>=0.0.4 <=0.0.8) potentially affected by CVE-2024-21524 via node-stringbuilder (=2.2.7)
node-stringbuilder NPM version =2.2.7 is affected by a known vulnerability. The following packages have a transitive dependency on node-stringbuilder and may be impacted: - @persistr/cli =2.7.1, =0.0.4, =0.0.8 Source cves: CVE-2024-21524 Source advisory: OSV:GHSA-G533-XQ5W-JMF3...
node-stringbuilder vulnerable to Out-of-bounds Read
All versions of the package node-stringbuilder are vulnerable to Out-of-bounds Read due to incorrect memory length calculation, by calling ToBuffer, ToString, or CharAt on a StringBuilder object with a non-empty string value input. It's possible to return previously allocated memory, for example,...
GHSA-G533-XQ5W-JMF3 node-stringbuilder vulnerable to Out-of-bounds Read
All versions of the package node-stringbuilder are vulnerable to Out-of-bounds Read due to incorrect memory length calculation, by calling ToBuffer, ToString, or CharAt on a StringBuilder object with a non-empty string value input. It's possible to return previously allocated memory, for example,...
CVE-2024-21524
All versions of the package node-stringbuilder are vulnerable to Out-of-bounds Read due to incorrect memory length calculation, by calling ToBuffer, ToString, or CharAt on a StringBuilder object with a non-empty string value input. It's possible to return previously allocated memory, for example,...
CVE-2024-21524
All versions of the package node-stringbuilder are vulnerable to Out-of-bounds Read due to incorrect memory length calculation, by calling ToBuffer, ToString, or CharAt on a StringBuilder object with a non-empty string value input. It's possible to return previously allocated memory, for example,...
CVE-2024-21524
The CVE-2024-21524 entry affects the node-stringbuilder package. Affected component: StringBuilder usage in ToBuffer, ToString, or CharAt on non-empty inputs can miscalculate memory length, enabling out-of-bounds reads and potential information disclosure. Impact is described across multiple sour...
PT-2024-18938 · Npm · Node-Stringbuilder
Name of the Vulnerable Software and Affected Versions: node-stringbuilder versions all Description: The issue arises from incorrect memory length calculation in the node-stringbuilder package, leading to an Out-of-bounds Read. This occurs when methods such as ToBuffer, ToString, or CharAt are...
@persistr/cli (>=2.7.1 <=2.9.1), spidersharkcli (>=0.0.4 <=0.0.8) potentially affected by CVE-2024-21524 via node-stringbuilder (=2.2.7)
node-stringbuilder NPM version =2.2.7 is affected by a known vulnerability. The following packages have a transitive dependency on node-stringbuilder and may be impacted: - @persistr/cli =2.7.1, =0.0.4, =0.0.8 Source cves: CVE-2024-21524 Source advisory: SNYK:JS-NODESTRINGBUILDER-6421617...
Out-of-bounds Read
Overview node-stringbuilder is an An easy and fast in-memory string builder for Node.js. Affected versions of this package are vulnerable to Out-of-bounds Read due to incorrect memory length calculation, by calling ToBuffer, ToString, or CharAt on a StringBuilder object with a non-empty string...