To report a security vulnerability, please use the Tidelift security contact. Tidelift will coordinate the fix and disclosure.
Security: browserify/sha.js
Security
SECURITY.md
-
Missing type checks can allow types other than a well-formed `Buffer` or `string`, resulting in undefined behaviourGHSA-95m3-7q98-8xr5 published
Aug 20, 2025 by ljharbCritical
Learn more about advisories related to browserify/sha.js in the GitHub Advisory Database