You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The utile npm module, version 0.3.0, allows to extract sensitive data from uninitialized memory or to cause a DoS by passing in a large number, in setups where typed user input can be passed (e.g. from JSON).
Vulnerable Library - utile-0.1.0.tgz
A drop-in replacement for `util` with some additional advantageous functions
Library home page: https://registry.npmjs.org/utile/-/utile-0.1.0.tgz
Found in HEAD commit: d3aa03c77002ed1f61a679726c02bc0494d073c2
Vulnerabilities
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Details
WS-2018-0148
Vulnerable Library - utile-0.1.0.tgz
A drop-in replacement for `util` with some additional advantageous functions
Library home page: https://registry.npmjs.org/utile/-/utile-0.1.0.tgz
Dependency Hierarchy:
Found in HEAD commit: d3aa03c77002ed1f61a679726c02bc0494d073c2
Found in base branch: main
Vulnerability Details
The
utile
npm module, version 0.3.0, allows to extract sensitive data from uninitialized memory or to cause a DoS by passing in a large number, in setups where typed user input can be passed (e.g. from JSON).Publish Date: 2018-07-16
URL: WS-2018-0148
CVSS 3 Score Details (7.5)
Base Score Metrics:
Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/WS-2018-0148
Release Date: 2018-01-16
Fix Resolution: JetBrains.Rider.Frontend5 - 212.0.20210826.92917,212.0.20211008.220753
The text was updated successfully, but these errors were encountered: