Vulnerability	Vulnerable Version
M Uninitialized Memory Exposure `life_star` is a web server for `Lively`. A possible memory disclosure vulnerability exists when a value of type `number` is provided to the `buffer` and results in concatenation of uninitialized memory to the buffer collection. This is a result of unobstructed use of the `Buffer` constructor, whose insecure default constructor increases the odds of memory leakage. You can read more about the insecure `Buffer` behavior on our blog. Similar vulnerabilities were discovered in bl, request, mongoose, ws and sequelize. Note This is vulnerable only for Node <=4	<=0.8.4

Uninitialized Memory Exposure

life_star is a web server for Lively.

A possible memory disclosure vulnerability exists when a value of type number is provided to the buffer and results in concatenation of uninitialized memory to the buffer collection. This is a result of unobstructed use of the Buffer constructor, whose insecure default constructor increases the odds of memory leakage.

You can read more about the insecure Buffer behavior on our blog.

Similar vulnerabilities were discovered in bl, request, mongoose, ws and sequelize.

Note This is vulnerable only for Node <=4

<=0.8.4

Go back to all versions of this package