GHSA-cxx3-36qc-m6qm

Source

https://github.com/advisories/GHSA-cxx3-36qc-m6qm

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/03/GHSA-cxx3-36qc-m6qm/GHSA-cxx3-36qc-m6qm.json

Aliases

CVE-2023-26110

Published

2023-03-09T06:30:21Z

Modified

2023-11-08T04:11:58.135858Z

Details

All versions of the package node-bluetooth are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation.

References

https://nvd.nist.gov/vuln/detail/CVE-2023-26110
https://github.com/song940/node-bluetooth
https://security.snyk.io/vuln/SNYK-JS-NODEBLUETOOTH-3311821

Affected packages

npm / node-bluetooth

Package

Name: node-bluetooth

Affected ranges

Type: SEMVER
Events: Introduced

0The exact introduced commit is unknown

Last affected

1.2.6