Description
Versions of the package bigint-buffer from 0.0.0 to 1.1.5 are vulnerable to Buffer Overflow in the toBigIntLE() function. Attackers can exploit this to crash the application.
Recommendation
No fix is available yet. Followings are affected versions:
- <= 1.1.5
References
Related Issues
- Lightning Flow Scanner Vulnerable to Code Injection via Unsafe Use of `new Function()` in APIVersion Rule - CVE-2025-67750
- `vega-functions` vulnerable to Cross-site Scripting via `setdata` function - CVE-2025-66648
- Finance.js vulnerable to DoS via the IRR function’s depth parameter - CVE-2025-56571
- axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL - CVE-2025-27152
- Tags:
- npm
- bigint-buffer
Anything's wrong? Let us know Last updated on April 04, 2025