VYPR
Low severity3.1NVD Advisory· Published Dec 11, 2017· Updated Jun 17, 2026

CVE-2017-15897

CVE-2017-15897

Description

Node.js had a bug in versions 8.X and 9.X which caused buffers to not be initialized when the encoding for the fill value did not match the encoding specified. For example, 'Buffer.alloc(0x100, "This is not correctly encoded", "hex");' The buffer implementation was updated such that the buffer will be initialized to all zeros in these cases.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

17

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.