Web3.js 安全漏洞

Web3.js is a TypeScript implementation of the Ethernet JSON RPC API open-sourced by Web3 and related tools maintained by ChainSafe Systems. A security vulnerability exists in Web3.js versions 1.10.4 and earlier, which stems from prototype contamination in the attachToObject function and could lea...

@civic/civic-sign (>=0.0.4 <=0.0.14), @civic/serum (>=0.17.3 <=0.17.4) +11 more potentially affected by CVE-2024-30253 via @solana/web3.js (>=1.39.0 <=1.39.1)

@solana/web3.js NPM version =1.39.0, =0.0.4, =0.17.3, =0.3.1-3.beta.1, =0.0.1, =0.2.1, =3.4.1, =2.0.0-beta.1, =0.4.3, =3.11.8, =3.11.14 - winto-sdk =1.0.2 Source cves: CVE-2024-30253 Source advisory: OSV:GHSA-8M45-2RJM-J347...