Description

`memjs` versions <= 1.1.0 allocates and stores buffers on typed input, resulting in DoS and uninitialized memory usage.

Remediation

References

https://hackerone.com/reports/319809

Related Vulnerabilities

CVE-2023-7078 Vulnerability in npm package miniflare

CVE-2022-0225 Vulnerability in maven package org.keycloak:keycloak-core

CVE-2022-24847 Vulnerability in maven package org.geoserver.web:gs-web-sec-jdbc

CVE-2023-34624 Vulnerability in maven package net.sourceforge.htmlcleaner:htmlcleaner

CVE-2022-40955 Vulnerability in maven package org.apache.inlong:manager-pojo

Severity

Critical

Classification

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Tags

Exploit Issue Tracking Third Party Advisory NVD-CWE-noinfo