5 matches found
Malicious code in @ensdomains/dnssec-oracle-anchors (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b164c0fb4c77df7a6c083be92efc82f833aaa660d50fbb1a0eea26b2388c65a6 The package @ensdomains/dnssec-oracle-anchors was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-198873
Malicious code in @ensdomains/dnssec-oracle-anchors npm...
MAL-2025-190804 Malicious code in @ensdomains/dnssec-oracle-anchors (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b164c0fb4c77df7a6c083be92efc82f833aaa660d50fbb1a0eea26b2388c65a6 The package @ensdomains/dnssec-oracle-anchors was found to contain malicious code. Source: ghsa-malware...
Upgraded Q -> M from 238 [1664280434191]
Judge has assessed an item in Issue 238 as Medium risk. The relevant finding follows: 5. Wrong comparison result when the length is longer than 32 File: contracts\dnssec-oracle\BytesUtils.sol 44: function comparebytes memory self, uint offset, uint len, bytes memory other, uint otheroffset, uint...
Some implementation mistakes in dnssec-oracle/BytesUtils.compare
Lines of code Vulnerability details Impact There are some implementation mistakes in dnssec-oracle/BytesUtils.compare. There should be a sanity check for offsets and lens if shortest 32 is not a correct condition. It should check the size of the last block. shortest is the total size of the bytes...