Primary

Context

bigint-buffer Buffer Overflow Vulnerability in toBigIntLE() Function

Vulnerability

A buffer overflow vulnerability has been identified in the bigint-buffer package, specifically in the toBigIntLE() function. This vulnerability, present in all versions starting from 0.0.0, can be exploited by attackers to cause the application to crash.

Impact

Exploitation of this vulnerability leads to a buffer overflow, causing a hard crash of the application.

Reproduction

The vulnerability can be reproduced by invoking the toBigIntLE() function of the bigint-buffer package with crafted input that exploits the buffer overflow condition. This can be done by passing a value that the function does not properly validate, causing it to write beyond the allocated memory buffer.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.7

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.7

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

bigint-buffer Buffer Overflow Vulnerability in toBigIntLE() Function

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating