You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Memory disclosure vulnerability in Bl before 0.9.5 and 1.0.0 allows concatination of uninitialized memory to the buffer collection when a value of type number is provided to the append() method.
mend-for-github-combot
changed the title
WS-2016-0059 (Medium) detected in npm-2.11.2.jar
WS-2016-0059 (Medium) detected in npm-2.11.2.jar - autoclosed
Mar 7, 2023
✔️ This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.
WS-2016-0059 - Medium Severity Vulnerability
Vulnerable Library - npm-2.11.2.jar
WebJar for npm
Library home page: http://webjars.org
Path to vulnerable library: /home/wss-scanner/.ivy2/cache/org.webjars/npm/jars/npm-2.11.2.jar
Dependency Hierarchy:
Found in HEAD commit: 95750513b615ecf0ea9b7e14fb5f71e577d01a1f
Found in base branch: master
Vulnerability Details
Memory disclosure vulnerability in Bl before 0.9.5 and 1.0.0 allows concatination of uninitialized memory to the buffer collection when a value of type number is provided to the append() method.
Publish Date: 2016-01-19
URL: WS-2016-0059
CVSS 3 Score Details (5.1)
Base Score Metrics:
Suggested Fix
Type: Upgrade version
Release Date: 2016-01-19
Fix Resolution: 0.9.5,1.0.1
The text was updated successfully, but these errors were encountered: