Количество 2
Количество 2
CVE-2024-21524
All versions of the package node-stringbuilder are vulnerable to Out-of-bounds Read due to incorrect memory length calculation, by calling ToBuffer, ToString, or CharAt on a StringBuilder object with a non-empty string value input. It's possible to return previously allocated memory, for example, by providing negative indexes, leading to an Information Disclosure.
GHSA-g533-xq5w-jmf3
node-stringbuilder vulnerable to Out-of-bounds Read
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-21524 All versions of the package node-stringbuilder are vulnerable to Out-of-bounds Read due to incorrect memory length calculation, by calling ToBuffer, ToString, or CharAt on a StringBuilder object with a non-empty string value input. It's possible to return previously allocated memory, for example, by providing negative indexes, leading to an Information Disclosure. | CVSS3: 8.2 | 0% Низкий | больше 1 года назад |
| GHSA-g533-xq5w-jmf3 node-stringbuilder vulnerable to Out-of-bounds Read | CVSS3: 8.2 | 0% Низкий | больше 1 года назад |
Уязвимостей на страницу