20 matches found
Malicious code in xrpl-hooks-ide (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0cba4a53598147b0ea4a05d573906166d018f6026d4b245512f651c235c2bae3 The package xrpl-hooks-ide was found to contain malicious code...
MAL-2026-2398 Malicious code in xrpl-hooks-ide (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0cba4a53598147b0ea4a05d573906166d018f6026d4b245512f651c235c2bae3 The package xrpl-hooks-ide was found to contain malicious code...
Malicious Package
Overview xrpl-dev-portal is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2026-1221 Malicious code in xrpl-dev-portal (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e19d7ccfb5e9bebce90f062b458b8ac38691519308db3cb6bf846b54a387dad9 The package xrpl-dev-portal was found to contain malicious code. Source: ghsa-malware 4fda3daad7ee020ce9cee13e48a40a89de8040cc479f0c4ac9687198ccd576c...
Malicious code in xrpl-dev-portal (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e19d7ccfb5e9bebce90f062b458b8ac38691519308db3cb6bf846b54a387dad9 The package xrpl-dev-portal was found to contain malicious code. Source: ghsa-malware 4fda3daad7ee020ce9cee13e48a40a89de8040cc479f0c4ac9687198ccd576c...
Malicious Package
Overview xrpl-api is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
EUVD-2025-199590
Malicious code in xrpl-api npm...
MAL-2025-191467 Malicious code in xrpl-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8fb3e61af99fea7b1567f2fa35f2558959e9c0c63f777bc5d37f6e48378ec31f The package xrpl-api was found to contain malicious code. Source: ghsa-malware 892f832257ae1ca9ec7f8ad76b11821b4808750298e4842ff44aa3459b54a125 Any...
Malicious code in xrpl-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8fb3e61af99fea7b1567f2fa35f2558959e9c0c63f777bc5d37f6e48378ec31f The package xrpl-api was found to contain malicious code. Source: ghsa-malware 892f832257ae1ca9ec7f8ad76b11821b4808750298e4842ff44aa3459b54a125 Any...
EUVD-2022-33490
Malicious code in bioql PyPI...
CVE-2022-29077
A heap-based buffer overflow exists in rippled before 1.8.5. The vulnerability allows attackers to cause a crash or execute commands remotely on a rippled node, which may lead to XRPL mainnet DoS or compromise. This exposes all digital assets on the XRPL to a security threat...
CVE-2025-32965 Compromised xrpl.js versions 4.2.1, 4.2.2, 4.2.3, 4.2.4, and 2.14.2
xrpl.js is a JavaScript/TypeScript API for interacting with the XRP Ledger in Node.js and the browser. Versions 4.2.1, 4.2.2, 4.2.3, and 4.2.4 of xrpl.js were compromised and contained malicious code designed to exfiltrate private keys. Version 2.14.2 is also malicious, though it is less likely t...
Malicious code in xrpl-org-dev-portal (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 200d97a2ec5482269915689627e76de8f5f274aadcabbdae30f3dcd313fe599b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-7296 Malicious code in xrpl-org-dev-portal (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 200d97a2ec5482269915689627e76de8f5f274aadcabbdae30f3dcd313fe599b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2022-29077
A heap-based buffer overflow exists in rippled before 1.8.5. The vulnerability allows attackers to cause a crash or execute commands remotely on a rippled node, which may lead to XRPL mainnet DoS or compromise. This exposes all digital assets on the XRPL to a security threat...
CVE-2022-29077
A heap-based buffer overflow exists in rippled before 1.8.5. The vulnerability allows attackers to cause a crash or execute commands remotely on a rippled node, which may lead to XRPL mainnet DoS or compromise. This exposes all digital assets on the XRPL to a security threat...
CVE-2022-29077
A heap-based buffer overflow exists in rippled before 1.8.5. The vulnerability allows attackers to cause a crash or execute commands remotely on a rippled node, which may lead to XRPL mainnet DoS or compromise. This exposes all digital assets on the XRPL to a security threat...
Heap overflow
A heap-based buffer overflow exists in rippled before 1.8.5. The vulnerability allows attackers to cause a crash or execute commands remotely on a rippled node, which may lead to XRPL mainnet DoS or compromise. This exposes all digital assets on the XRPL to a security threat...
CVE-2022-29077
CVE-2022-29077 is a heap-based buffer overflow in rippled prior to 1.8.5. An attacker could crash the node or remotely execute commands, potentially causing XRPL mainnet DoS and compromising all XRPL assets. Remediation: upgrade to rippled 1.8.5 or apply the vendor’s fix as described in the refer...
CVE-2022-29077
A heap-based buffer overflow exists in rippled before 1.8.5. The vulnerability allows attackers to cause a crash or execute commands remotely on a rippled node, which may lead to XRPL mainnet DoS or compromise. This exposes all digital assets on the XRPL to a security threat...