http://bugzilla.opensuse.org/show_bug.cgi?id=1095771 Bug ID: 1095771 Summary: VUL-0: CVE-2018-3745: nodejs-atob: uninitialized memory allocation in input Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.0 Hardware: Other URL: https://smash.suse.de/issue/206724/ OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: kbabioch@suse.com QA Contact: security-team@suse.de Found By: Security Response Team Blocker: --- rh#1584889 atob 2.0.3 and earlier allocates uninitialized Buffers when number is passed in input on Node.js 4.x and below. References: https://bugzilla.redhat.com/show_bug.cgi?id=1584889 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-3745 http://www.cvedetails.com/cve/CVE-2018-3745/ https://hackerone.com/reports/321686 -- You are receiving this mail because: You are on the CC list for the bug.