GHSA-9jh3-4pc9-hq29

Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/03/GHSA-9jh3-4pc9-hq29/GHSA-9jh3-4pc9-hq29.json
Aliases
  • CVE-2023-26109
Published
2023-03-09T06:30:21Z
Modified
2023-03-15T19:18:36Z
Details

All versions of the package node-bluetooth-serial-port are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation.

References

Affected packages

npm / node-bluetooth-serial-port

node-bluetooth-serial-port

Affected ranges

Type
SEMVER
Events
Introduced
0

Affected versions

Database specific

{
    "last_known_affected_version_range": "<= 2.2.7"
}