A possible memory disclosure vulnerability exists when a value of type
number is provided to the
buffer and results in concatenation of uninitialized memory to the buffer collection.
This is a result of unobstructed use of the
Buffer constructor, whose insecure default constructor increases the odds of memory leakage.
You can read more about the insecure
Buffer behavior on our blog.
Note This is vulnerable only for Node <=4
- Сковорода Никита Андреевич (ChALkeR)
- Snyk ID
- 12 Feb, 2016
- 10 Nov, 2016