Homepage
About Snyk

floody@0.0.1 vulnerabilities

combines floods of small stream writes while not delaying or buffering writes when not flooded. buffers only up to configure ammount and only keeps buffer around for at most configured interval.

Go back to all versions of this package
Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the floody package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Uninitialized Memory Exposure

floody combines floods of small stream writes while not delaying or buffering writes when not flooded.

A possible memory disclosure vulnerability exists when a value of type number is provided to the write() method and results in the concatenation of uninitialized memory to the buffer collection.

This is a result of unobstructed use of the Buffer constructor, whose insecure default constructor increases the odds of memory leakage.

How to fix Uninitialized Memory Exposure?

Upgrade floody to version 0.1.1 or higher. Note This is vulnerable only for Node <=4

<0.1.1
Go back to all versions of this package