CVE-2022-25872: Out-of-bounds Read in fast-string-search
All versions of the fast-string-search package are vulnerable to an out-of-bounds read caused by incorrect memory freeing and length calculation when any non-string input is passed as the source. This allows an attacker to read previously allocated memory.
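
A call-site guard for the condition described above, written as an added example; it is not code from the advisory or from the package. The wrapper, the `(source, pattern)` signature and the stand-in search function are assumptions made for illustration. It lets only primitive strings reach the wrapped function as the source.

```javascript
'use strict';

// Hypothetical guard: wraps a native search function so that only primitive
// strings reach it as the source. `nativeSearch` stands in for the addon's
// exported function; its (source, pattern, ...rest) signature is an assumption.
function guardStringSearch(nativeSearch) {
  return function safeSearch(source, pattern, ...rest) {
    // typeof rejects numbers, null/undefined, Buffer, Array and boxed
    // `new String(...)` objects; none of these is a primitive string.
    if (typeof source !== 'string') {
      const got = source === null ? 'null'
        : Array.isArray(source) ? 'array'
        : Buffer.isBuffer(source) ? 'Buffer'
        : typeof source;
      throw new TypeError(`source must be a primitive string, got ${got}`);
    }
    return nativeSearch(source, pattern, ...rest);
  };
}

// Constructed pure-JS stand-in for the native function so the example runs
// offline; it returns every index at which `pattern` occurs in `source`.
function fakeNativeSearch(source, pattern) {
  const hits = [];
  if (pattern === '') return hits;
  for (let i = source.indexOf(pattern); i !== -1; i = source.indexOf(pattern, i + 1)) {
    hits.push(i);
  }
  return hits;
}

const safeSearch = guardStringSearch(fakeNativeSearch);

// Runs constructed sample inputs through the guard and returns the names of
// those it rejected with a TypeError.
function rejectedInputs() {
  const samples = {
    number: 12345, buffer: Buffer.from('abc'), boxed: new String('abc'),
    array: ['a'], nullish: null, plain: 'abcabc',
  };
  return Object.keys(samples).filter((name) => {
    try { safeSearch(samples[name], 'a'); return false; }
    catch (err) { return err instanceof TypeError; }
  });
}

console.log(rejectedInputs(), safeSearch('abcabc', 'a'));
```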