CVE-2022-21671 Potential exposure of Replit tokens to an Unauthorized Actor in @replit/crosis

@replit/crosis is a JavaScript client that speaks Replit's container protocol. A vulnerability that involves exposure of sensitive information exists in versions prior to 7.3.1. When using this library as a way to programmatically communicate with Replit in a standalone fashion, if there are...

crosis 安全漏洞

crosis is a JavaScript client that uses the Replit container protocol. crosis is vulnerable to an information disclosure vulnerability that could be exploited by an attacker to obtain a token used to connect to Repl...