Description
Versions of the package bigint-buffer from 0.0.0 to 1.1.5 are vulnerable to Buffer Overflow in the toBigIntLE() function. Attackers can exploit this to crash the application.
Recommendation
No fix is available yet. Followings are affected versions:
- <= 1.1.5
References
Related Issues
- Lightning Flow Scanner Vulnerable to Code Injection via Unsafe Use of `new Function()` in APIVersion Rule - CVE-2025-67750
- `vega-functions` vulnerable to Cross-site Scripting via `setdata` function - CVE-2025-66648
- Finance.js vulnerable to DoS via the IRR function’s depth parameter - CVE-2025-56571
- Signal K Server vulnerable to JWT Token Theft via WebSocket Enumeration and Unauthenticated Polling - CVE-2025-68620
- Tags:
- npm
- bigint-buffer
Anything's wrong? Let us know Last updated on April 04, 2025