3 matches found
Malicious code in tokenservice-paypal (npm)
The package tokenservice-paypal was found to contain malicious code...
MAL-2025-37016 Malicious code in tokenservice-paypal (npm)
The package tokenservice-paypal was found to contain malicious code...
sendToken() shouldn't have metadata parameter
Lines of code Vulnerability details Impact Users calling sendToken with metadata may trigger a revert or lose the calldata if its size is 1-3 bytes when the destination is an EOA. Proof of Concept In transmitSendToken, we discard the calldata if it's less than 4 bytes, and revert if it's bigger o...