Lucene search
K

6 matches found

Snyk
Snyk
added 2026/06/11 9:0 p.m.8 views

Malicious Package

Overview @solana-labs/web3js is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score
Exploits0References2
OSV
OSV
added 2025/07/15 5:50 a.m.3 views

MAL-2025-5973 Malicious code in web3js-wallet (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 96a262a05712b8db4ab5089f2e93098544cbe69efb3e8cd90b4cb67c1c9e04a7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/07/15 5:50 a.m.4 views

Malicious code in web3js-wallet (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 96a262a05712b8db4ab5089f2e93098544cbe69efb3e8cd90b4cb67c1c9e04a7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
vulnersOsv
vulnersOsv
added 2024/04/17 6:21 p.m.4 views

@nikaru-dev/provider-all (>=0.25.1-next.3 <=0.26.0), @nikaru-dev/provider-walletconnect-2 (>=0.18.1-next.2 <=0.19.1-next.0) +11 more potentially affected by CVE-2024-30253 via @solana/web3.js (>=1.67.0 <=1.67.2)

@solana/web3.js NPM version =1.67.0, =0.25.1-next.3, =0.18.1-next.2, =0.20.1-next.9, =0.20.1-next.16, =0.22.1-next.0, =0.14.1-next.5, =0.17.1-next.0, =0.17.1-next.0, =0.22.1, =0.14.1, =0.17.1, =0.17.1, =0.0.1, =0.1.5 Source cves: CVE-2024-30253 Source advisory: OSV:GHSA-8M45-2RJM-J347...

7.5CVSS7AI score0.00593EPSS
Exploits0
CNNVD
CNNVD
added 2024/03/25 12:0 a.m.3 views

Web3.js 安全漏洞

Web3.js is a TypeScript implementation of the Ethernet JSON RPC API open-sourced by Web3 and related tools maintained by ChainSafe Systems. A security vulnerability exists in versions of Web3.js prior to 4.2.1 that stems from the presence of a prototype contamination vulnerability...

7.5CVSS7.3AI score0.00712EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2022/08/15 12:0 a.m.371 views

Gigaland NFT Marketplace 1.9 Shell Upload / Key Disclosure

Exploit Title: Gigaland NFT marketplace Shell upload and ETH private key leak Google Dork: N/A Date: 14/8/2022 Exploit Author: Sohel Yousef https://www.linkedin.com/in/sohel-yousef-50a905189/ Software Link: https://gigaland.io/ Version: 1.9 Category: webapps 1. Sell Upload after connectiong your...

7.4AI score
Exploits0
Rows per page
Query Builder