Raoul Scholtes

#13724 of 53,635
19.6 Total CVSS
Vulnerabilities · 2
Critical
2
PT-2023-20496
9.8
2023-03-09
Unknown · Node-Bluetooth-Serial-Port · CVE-2023-26109
**Name of the Vulnerable Software and Affected Versions**

node-bluetooth-serial-port, all versions

**Description**

The issue is a buffer overflow in the `findSerialPortChannel` method, caused by improper validation of user input length. This allows for potential exploitation. No information is provided about the estimated number of potentially affected devices worldwide or about real-world incidents in which this issue was exploited.

**Recommendations**

For all versions, consider disabling the `findSerialPortChannel` method until a patch is available to prevent potential exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2023-20497
9.8
2023-03-09
Unknown · Node-Bluetooth · CVE-2023-26110
**Name of the Vulnerable Software and Affected Versions**

node-bluetooth, all versions

**Description**

The issue arises from improper validation of user input length, leading to a buffer overflow via the `findSerialPortChannel` method.

**Recommendations**

For all versions, as a temporary workaround, consider disabling the `findSerialPortChannel` method until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.