Out-of-Bounds Read Vulnerability in Node.js stringstream Module (Versions < 0.0.6)
CVE-2018-21270 · MEDIUM Severity
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
Versions less than 0.0.6 of the Node.js stringstream module are vulnerable to an out-of-bounds read because of allocation of uninitialized buffers when a number is passed in the input stream (when using Node.js 4.x).
Learn more about our Web Application Penetration Testing UK.