CVE-2022-25872

Out-of-bounds Read in fast-string-search in npm/fast-string-search

Identifiers

GHSA-hmqg-p8f8-3qrw, CVE-2022-25872

Package Slug

npm/fast-string-search

Vulnerability

Out-of-bounds Read in fast-string-search

Description

All versions of package fast-string-search is vulnerable to Out-of-bounds Read due to incorrect memory freeing and length calculation for any non-string input as the source. This allows the attacker to read previously allocated memory.

Affected Versions

All versions up to 1.4.3

Solution

Unfortunately, there is no solution available yet.

Last Modified

2022-06-21

source