EUVD-2021-1444

Malware in sbrugna...

CVE-2021-32738

js-stellar-sdk is a Javascript library for communicating with a Stellar Horizon server. The Utils.readChallengeTx function used in SEP-10 Stellar Web Authentication states in its function documentation that it reads and validates the challenge transaction including verifying that the...

js-stellar-sdk authorization issue vulnerability

js-stellar-sdk is an application. A Javascript library for communicating with the Stellar Horizon server. A security vulnerability exists in Js-stellar-sdk versions prior to 8.2.3, which stems from the program's "Utils.readChallengeTx" function not verifying that the server has signed the...

Insecure Signature Verification

stellar-sdk uses insecure signature verification.The function Utils.readChallengeTx fails to verify that the transactions are signed by serverAccountID, allowing invalid challenge transactions as valid ones...

CVE-2021-32738

js-stellar-sdk is a Javascript library for communicating with a Stellar Horizon server. The Utils.readChallengeTx function used in SEP-10 Stellar Web Authentication states in its function documentation that it reads and validates the challenge transaction including verifying that the...

CVE-2021-32738

CVE-2021-32738 affects the js-stellar-sdk library used to interact with Stellar Horizon. The vulnerability lies in Utils.readChallengeTx, which, before version 8.2.3, did not verify that the server signature was present on the challenge transaction; however, signature verification via Utils.verif...

CVE-2021-32738 Utils.readChallengeTx does not verify the server account signature

js-stellar-sdk is a Javascript library for communicating with a Stellar Horizon server. The Utils.readChallengeTx function used in SEP-10 Stellar Web Authentication states in its function documentation that it reads and validates the challenge transaction including verifying that the...