Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-3194

Versions of the package bigint-buffer from 0.0.0 are vulnerable to Buffer Overflow in the toBigIntLE() function. Attackers can exploit this to crash the application.

Published

2025-04-04T05:15:45.927

Last Modified

2025-04-07T14:18:15.560

Status

Awaiting Analysis

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Secondary
CWE-120
Type: Secondary
CWE-120

Affected Vendors & Products

References

https://github.com/no2chem/bigint-buffer/blob/master/src/index.ts%23L25 ([email protected])
https://security.snyk.io/vuln/SNYK-JS-BIGINTBUFFER-3364597 ([email protected])
https://www.usenix.org/system/files/sec23fall-prepub-262_staicu.pdf ([email protected])
https://security.snyk.io/vuln/SNYK-JS-BIGINTBUFFER-3364597 (134c704f-9b21-4f2e-91b3-4a467353bcc0)