CVE-2023-26109

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') in npm/node-bluetooth-serial-port

Identifiers

CVE-2023-26109

Package Slug

npm/node-bluetooth-serial-port

Vulnerability

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Description

All versions of the package node-bluetooth-serial-port is vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation.

Affected Versions

All versions

Solution

Unfortunately, there is no solution available yet.

Last Modified

2023-03-16

source