Description

`memjs` versions <= 1.1.0 allocates and stores buffers on typed input, resulting in DoS and uninitialized memory usage.

Remediation

References

https://hackerone.com/reports/319809

Related Vulnerabilities

CVE-2023-33202 Vulnerability in maven package org.bouncycastle:bc-fips

CVE-2023-3431 Vulnerability in maven package net.sourceforge.plantuml:plantuml

CVE-2021-43849 Vulnerability in npm package cordova-plugin-fingerprint-aio

CVE-2020-28168 Vulnerability in maven package org.webjars.npm:axios

CVE-2020-28503 Vulnerability in maven package org.webjars.npm:copy-props

Severity

Critical

Classification

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Tags

Exploit Issue Tracking Third Party Advisory NVD-CWE-noinfo