Affected versions of
node-weakauras-parser are vulnerable to a Buffer Overflow. The
encode_weakaura function fails to properly validate the input size. A buffer of 13835058055282163711 bytes causes an overflow on 64-bit systems.
Upgrade to versions 1.0.5, 2.0.2, 3.0.1 or later.
publishedAdvisory PublishedApr 7th, 2020
reportedReported by VelithrisApr 7th, 2020