4 matches found
Information Disclosure
Node.js is vulnerable to Information Disclosure. The vulnerability is due to improper buffer allocation handling when using the vm module with the timeout option, where interrupted allocations may return buffers containing uninitialized memory, potentially exposing leftover data such as tokens or...
nodejs: Nodejs uninitialized memory exposure
A memory exposure flaw has been discovered in Node.js. A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other...
BIT-NODE-MIN-2025-55131
A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other TypedArray instances like Uint8Array may contain leftover...
CVE-2025-55131
A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated with Buffer.alloc and other TypedArray instances like Uint8Array may contain leftover...