Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
All versions of the package node-stringbuilder are vulnerable to Out-of-bounds Read due to incorrect memory length calculation, by calling ToBuffer, ToString, or CharAt on a StringBuilder object with a non-empty string value input. It's possible to return previously allocated memory, for example, by providing negative indexes, leading to an Information Disclosure.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
Vulnerability Type
跨界内存读
Vulnerability Title
StringBuilder for Node.js 安全漏洞
Vulnerability Description
StringBuilder for Node.js是Magic Len个人开发者的一个简单快速的 Node.js 内存字符串生成器。 StringBuilder for Node.js存在安全漏洞,该漏洞源于内存长度计算不正确,容易受到越界读取的影响,从而导致信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A