Description

`memjs` versions <= 1.1.0 allocates and stores buffers on typed input, resulting in DoS and uninitialized memory usage.

Remediation

References

https://hackerone.com/reports/319809

Related Vulnerabilities

CVE-2022-45208 Vulnerability in maven package org.jeecgframework.boot:jeecg-module-system

CVE-2020-12827 Vulnerability in npm package mjml

CVE-2022-21676 Vulnerability in npm package engine.io

CVE-2023-47324 Vulnerability in maven package org.silverpeas.core:silverpeas-core

CVE-2022-2217 Vulnerability in npm package parse-url

Severity

Critical

Classification

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Tags

Exploit Issue Tracking Third Party Advisory NVD-CWE-noinfo