Description
A buffer over-read vulnerability exists in bl <4.0.3, <3.0.1, <2.2.1, and <1.2.3. If attacker-supplied input (even typed) ends up in the consume() argument and can become negative, the BufferList state can be corrupted, tricking it into exposing uninitialized memory via regular .slice() calls.
References (2)
Core References
Exploit, Patch, Third Party Advisory x_refsource_misc
https://hackerone.com/reports/966347
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2021/06/msg00028.html
Scores
CVSS v3
6.5
EPSS
0.0103
EPSS Percentile
77.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
Details
CWE
CWE-125
CWE-126
Status
published
Products (3)
bufferlist_project/bufferlist
< 1.2.3
debian/debian_linux
9.0
npm/bl
0 - 1.2.3 (npm)
Published
Aug 30, 2020
Tracked Since
Feb 18, 2026