Severity: moderate

    Out-of-bounds Read



    Versions of stringstream before 0.0.6 are vulnerable to out-of-bounds read as it allocates uninitialized Buffers when number is passed in input stream on Node.js 4.x and below.


    Upgrade to version 0.0.6 or later.

    Have content suggestions? Visit

    Advisory timeline

    1. published

      Advisory published
      May 16th, 2018
    2. reported

      Initial report by Сковорода Никита Андреевич
      May 16th, 2018