WS-2018-0103 Medium Severity Vulnerability detected by WhiteSource #61

mend-bolt-for-github · 2019-02-22T01:14:21Z

WS-2018-0103 - Medium Severity Vulnerability

Vulnerable Library - stringstream-0.0.5.tgz

Encode and decode streams into string streams

path: /tmp/git/jenkins-material-theme/node_modules/npm/node_modules/request/node_modules/stringstream/package.json

Library home page: http://registry.npmjs.org/stringstream/-/stringstream-0.0.5.tgz

Dependency Hierarchy:

npm-3.10.10.tgz (Root Library)
- request-2.75.0.tgz
  - ❌ stringstream-0.0.5.tgz (Vulnerable Library)

Vulnerability Details

All versions of stringstream are vulnerable to out-of-bounds read as it allocates uninitialized Buffers when number is passed in input stream on Node.js 4.x and below.

Publish Date: 2018-05-16

URL: WS-2018-0103

CVSS 2 Score Details (5.2)

Base Score Metrics not available

Step up your Open Source Security Game with WhiteSource here

mend-bolt-for-github bot added the security vulnerability Security vulnerability detected by WhiteSource label Feb 22, 2019

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

WS-2018-0103 Medium Severity Vulnerability detected by WhiteSource #61

WS-2018-0103 Medium Severity Vulnerability detected by WhiteSource #61

mend-bolt-for-github bot commented Feb 22, 2019

WS-2018-0103 Medium Severity Vulnerability detected by WhiteSource #61

WS-2018-0103 Medium Severity Vulnerability detected by WhiteSource #61

Comments

mend-bolt-for-github bot commented Feb 22, 2019

WS-2018-0103 - Medium Severity Vulnerability