EPSS
Percentile
55.1%
node is vulnerable to information disclosure attacks. The vulnerability exists through the use of Buffer.alloc(), exposing uninitialized memory.
Buffer.alloc()
access.redhat.com/errata/RHSA-2018:2553
bugzilla.suse.com/show_bug.cgi?id=1105018
github.com/nodejs/node/commit/734323d9eb
nodejs.org/en/blog/release/v10.9.0/
nodejs.org/en/blog/vulnerability/august-2018-security-releases/