Unrated severityNVD Advisory· Published Aug 25, 2023· Updated Aug 2, 2024
Freighter mnemonic phrase may be accessed by Javascript through a private API
CVE-2023-40580
Description
Freighter is a Stellar chrome extension. It may be possible for a malicious website to access the recovery mnemonic phrase when the Freighter wallet is unlocked. This vulnerability impacts access control to the mnemonic recovery phrase. This issue was patched in version 5.3.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <5.3.1
- stellar/freighterv5Range: < 5.3.1
Patches
Vulnerability mechanics
References
3- github.com/stellar/freighter/commit/81f78ba008c41ce631a3d0f9e4449f4bbd90baeemitrex_refsource_MISC
- github.com/stellar/freighter/pull/948mitrex_refsource_MISC
- github.com/stellar/freighter/security/advisories/GHSA-vqr6-hwg2-775wmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.