CVE-2018-21270

Published
View on NVD ↗
CVSS v3
6.5
MEDIUM
CVSS v2
5.8
MEDIUM
Affected
1
PROJECT

Description

Versions less than 0.0.6 of the Node.js stringstream module are vulnerable to an out-of-bounds read because of allocation of uninitialized buffers when a number is passed in the input stream (when using Node.js 4.x).

mhart/StringStream
mhart/StringStream
Encode and decode streams into string streams in node.js
GitHubGitHub
27