base64-url before 2.0.0 are vulnerable to out-of-bounds read as it allocates uninitialized Buffers when number is passed in input.
Update to version 2.0.0 or later.
Have content suggestions? Send them to [email protected]
publishedAdvisory publishedMay 16th, 2018
reportedInitial report by Сковорода Никита АндреевичMay 16th, 2018