Hi Team,
I am getting a critical Vulnerability in my npm module react-native-pdf version @6.6.2
while i run sonartype scan. Please provide the permanent solution
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
my react-native info
System:
OS: macOS 12.6
CPU: (8) arm64 Apple M1
Memory: 92.08 MB / 16.00 GB
Shell: 5.8.1 - /bin/zsh
Binaries:
Node: 19.2.0 - ~/.nvm/versions/node/v19.2.0/bin/node
Yarn: 1.22.19 - /opt/homebrew/bin/yarn
npm: 8.19.3 - ~/.nvm/versions/node/v19.2.0/bin/npm
Watchman: 2022.09.19.00 - /opt/homebrew/bin/watchman
Managers:
CocoaPods: 1.11.3 - /opt/homebrew/bin/pod
SDKs:
iOS SDK:
Platforms: DriverKit 21.4, iOS 16.0, macOS 12.3, tvOS 16.0, watchOS 9.0
Android SDK:
API Levels: 31, 32, 33
Build Tools: 29.0.2, 29.0.3, 30.0.3, 31.0.0, 33.0.0
System Images: android-29 | Google APIs ARM 64 v8a, android-30 | Google Play ARM 64 v8a, android-30 | Google APIs ATD ARM 64 v8a, android-31 | ARM 64 v8a, android-31 | Google APIs ARM 64 v8a, android-33 | Google APIs ARM 64 v8a, android-33 | Google APIs Intel x86 Atom_64
Android NDK: Not Found
IDEs:
Android Studio: 2021.3 AI-213.7172.25.2113.9014738
Xcode: 14.0.1/14A400 - /usr/bin/xcodebuild
Languages:
Java: 11.0.16.1 - /usr/bin/javac
npmPackages:
react: 18.1.0 => 18.1.0
react-native: 0.70.1 => 0.70.1
Hi Team, I am getting a critical Vulnerability in my npm module react-native-pdf version @6.6.2 while i run sonartype scan. Please provide the permanent solution
Description react-native-pdf - Heap-based Buffer Overflow
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
my react-native info
System: OS: macOS 12.6 CPU: (8) arm64 Apple M1 Memory: 92.08 MB / 16.00 GB Shell: 5.8.1 - /bin/zsh Binaries: Node: 19.2.0 - ~/.nvm/versions/node/v19.2.0/bin/node Yarn: 1.22.19 - /opt/homebrew/bin/yarn npm: 8.19.3 - ~/.nvm/versions/node/v19.2.0/bin/npm Watchman: 2022.09.19.00 - /opt/homebrew/bin/watchman Managers: CocoaPods: 1.11.3 - /opt/homebrew/bin/pod SDKs: iOS SDK: Platforms: DriverKit 21.4, iOS 16.0, macOS 12.3, tvOS 16.0, watchOS 9.0 Android SDK: API Levels: 31, 32, 33 Build Tools: 29.0.2, 29.0.3, 30.0.3, 31.0.0, 33.0.0 System Images: android-29 | Google APIs ARM 64 v8a, android-30 | Google Play ARM 64 v8a, android-30 | Google APIs ATD ARM 64 v8a, android-31 | ARM 64 v8a, android-31 | Google APIs ARM 64 v8a, android-33 | Google APIs ARM 64 v8a, android-33 | Google APIs Intel x86 Atom_64 Android NDK: Not Found IDEs: Android Studio: 2021.3 AI-213.7172.25.2113.9014738 Xcode: 14.0.1/14A400 - /usr/bin/xcodebuild Languages: Java: 11.0.16.1 - /usr/bin/javac npmPackages: react: 18.1.0 => 18.1.0 react-native: 0.70.1 => 0.70.1