Launch Week Day 1: Announcing Security Design Review
Start for Free
LOW 3.2 npm

Duplicate Advisory: uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided

GHSA-qmq6-f8pr-cx5x

Published ยท Modified

Description

Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-w5hq-g745-h8pq. This link is maintained to preserve external references.

Original Advisory

uuid before 14.0.0 can make unexpected writes when external output buffers are used, and the UUID version is 3, 5, or 6. In particular, UUID version 4, which is very commonly used, is unaffected by this issue.

References

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes