Description

A buffer over-read vulnerability exists in bl <4.0.3, <3.0.1, <2.2.1, and <1.2.3 which could allow an attacker to supply user input (even typed) that if it ends up in consume() argument and can become negative, the BufferList state can be corrupted, tricking it into exposing uninitialized memory via regular .slice() calls.

Remediation

References

https://hackerone.com/reports/966347

https://lists.debian.org/debian-lts-announce/2021/06/msg00028.html

Related Vulnerabilities

CVE-2016-10531 Vulnerability in maven package org.webjars:marked

CVE-2020-11020 Vulnerability in npm package faye

CVE-2020-28168 Vulnerability in maven package org.webjars.bowergithub.axios:axios

CVE-2020-13921 Vulnerability in maven package org.apache.skywalking:storage-jdbc-hikaricp-plugin

CVE-2019-18797 Vulnerability in maven package org.webjars.npm:node-sass

Severity

High

Classification

CWE-125 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

Tags

Exploit Patch Third Party Advisory Mailing List