VYPR

npm package

stringstream

pkg:npm/stringstream

Vulnerabilities (1)

  • CVE-2018-21270Dec 3, 2020
    affected < 0.0.6fixed 0.0.6

    Versions less than 0.0.6 of the Node.js stringstream module are vulnerable to an out-of-bounds read because of allocation of uninitialized buffers when a number is passed in the input stream (when using Node.js 4.x).