CVE-2015-5380
CVE-2015-5380 affects Google V8 (as used by Node.js and io.js) where Utf8DecoderBase::WriteUtf16Slow may not verify memory for a UTF-16 surrogate pair. This can enable a remote attacker to trigger denial of service via a crafted byte sequence, potentially causing memory corruption. Affected versi...