Lucene search
K

4 matches found

OSV
OSV
added 2025/03/24 6:29 a.m.2 views

MAL-2025-2620 Malicious code in solana-headless-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fafc63ce82d201d229734c0ac36321f32d7ed82682cfc4afbcb8fcf20787d95d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
vulnersOsv
vulnersOsv
added 2024/04/17 6:21 p.m.7 views

@glow-app/solana-client (>=0.4.0 <=0.5.1), @zetamarkets/flex-sdk (>=0.6.3 <=0.15.0) +8 more potentially affected by CVE-2024-30253 via @solana/web3.js (>=1.43.4 <=1.43.6)

@solana/web3.js NPM version =1.43.4, =0.4.0, =0.6.3, =0.1.1, =0.0.1, =1.4.0, =0.1.0, =1.0.4, =1.4.1 Source cves: CVE-2024-30253 Source advisory: OSV:GHSA-8M45-2RJM-J347...

7.5CVSS7AI score0.00593EPSS
Exploits0
Code423n4
Code423n4
added 2024/01/08 12:0 a.m.30 views

Permanent DOS in liquidity_lockbox for under $10

Lines of code Vulnerability details Impact The liquiditylockbox contract in the lockbox-solana project is vulnerable to permanent DOS due to its storage limitations. The contract uses a Program Derived Address PDA as a data account, which is created with a maximum size limit of 10 KB. Every time...

7.1AI score
Exploits0
vulnersOsv
vulnersOsv
added 2023/03/20 12:7 p.m.4 views

0xppl-solana-portfolio (=1.0.0), 0xuath-sdk-react (>=0.0.2 <=0.0.23) +6453 more potentially affected by CVE-2025-3194 via bigint-buffer (=1.1.5)

bigint-buffer NPM version =1.1.5 is affected by a known vulnerability. The following packages have a transitive dependency on bigint-buffer and may be impacted: - 0xppl-solana-portfolio =1.0.0 - 0xuath-sdk-react =0.0.2, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.0, =0.0.77, =0.2.0, =0.1.1,...

8.7CVSS5.7AI score0.00565EPSS
Exploits0
Rows per page
Query Builder