Severity: moderate

Buffer Overflow

node-weakauras-parser

Overview

Affected versions of node-weakauras-parser are vulnerable to a Buffer Overflow. The encode_weakaura function fails to properly validate the input size. A buffer of 13835058055282163711 bytes causes an overflow on 64-bit systems.
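The Rust code below is an added example, not code from node-weakauras-parser: it shows how an unvalidated output-length calculation wraps around for the buffer size quoted above, and how checked arithmetic rejects that input before any allocation. The length formula (one prefix byte plus the unpadded base64 length of the input) and all function names are assumptions; 64-bit sizes are modelled with u64.

```rust
// Added example: size arithmetic only, nothing is allocated or encoded.
// Assumption: encoded output = 1 prefix byte + unpadded base64 of the input.
const PREFIX_LEN: u64 = 1; // assumed one-byte prefix

/// Base64 characters produced by the trailing 1 or 2 input bytes (no padding).
fn tail_len(input_len: u64) -> u64 {
    match input_len % 3 {
        0 => 0,
        r => r + 1,
    }
}

/// Output length with wrapping arithmetic, i.e. with no input-size validation.
fn wrapping_encoded_len(input_len: u64) -> u64 {
    (input_len / 3)
        .wrapping_mul(4)
        .wrapping_add(tail_len(input_len))
        .wrapping_add(PREFIX_LEN)
}

/// Same formula with checked arithmetic: None when the result does not fit.
fn checked_encoded_len(input_len: u64) -> Option<u64> {
    (input_len / 3)
        .checked_mul(4)?
        .checked_add(tail_len(input_len))?
        .checked_add(PREFIX_LEN)
}

/// Hypothetical guard to call before reserving the output buffer.
fn output_capacity(input_len: u64) -> Result<u64, String> {
    checked_encoded_len(input_len)
        .ok_or_else(|| format!("input of {} bytes is too large to encode", input_len))
}

fn main() {
    let advisory_len: u64 = 13_835_058_055_282_163_711; // size quoted in the advisory
    for n in [0, 1, 3, advisory_len - 1, advisory_len] {
        println!(
            "input={:>20} wrapping={:>20} checked={:?}",
            n,
            wrapping_encoded_len(n),
            output_capacity(n)
        );
    }
}
```

Under these assumptions the quoted size is the smallest input whose output length no longer fits in 64 bits: the wrapping version yields a capacity of 0, while the checked version returns an error.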

Remediation

Upgrade to versions 1.0.5, 2.0.2, 3.0.1 or later.

Advisory timeline

  1. published: Advisory Published, Apr 7th, 2020
  2. reported: Reported by Velithris, Apr 7th, 2020