Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

WS-2018-0100

Good to know:

icon
icon

Date: January 27, 2018

Versions of concat-with-sourcemaps before 1.0.6 allocates uninitialized Buffers when a number is passed as a separator.

Language: JS

Severity Score

Related Resources (3)

https://hackerone.com/reports/320166
https://github.com/floridoo/concat-with-sourcemaps/blob/v1.0.5/index.js#L18
https://www.mend.io/vulnerability-database/WS-2018-0100

Severity Score

Weakness Type (CWE)

Improper Initialization

CWE-665

Top Fix

icon

Upgrade Version

Upgrade to version oburatongoi/productivity - 0.0.13;oburatongoi/productivity - 0.3.36;mfcc/skeleton-application - zf/release-2.0.0beta1;spiral/toolkit - v0.8.20;spiral/toolkit - v0.8.18;spiral/toolkit - v0.9.0;kayrules/solatjakim-api-site - dev-version-1.0;ganuonglachanh/flarum-ext-markdown-editor - 0.1;lukesnowden/application-base - no_fix;binh/mentions - no_fix;z4a-dotnet-scaffold - 1.0.0.2;lufangyu1217/demo - dev-develop;datitisev/flarum-ext-moderator-notes - no_fix;ryanvade/flarum-ext-login-redirect - no_fix;concat-with-sourcemaps - 1.0.6;ilhanet/erpnet-widget-resource - no_fix;org.webjars.npm:concat-with-sourcemaps:1.1.0;org.webjars.npm:aurelia-cli:no_fix

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): HIGH
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): NONE
Availability (A): HIGH

Do you need more information?

Contact Us