npm package
@striae-org/striae
pkg:npm/%40striae-org/striae
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-31839 | — | >= 0.9.22-0, < 3.0.0 | 3.0.0 | Mar 11, 2026 | Striae is a firearms examiner's comparison companion. A high-severity integrity bypass vulnerability existed in Striae's digital confirmation workflow prior to v3.0.0. Hash-only validation trusted manifest hash fields that could be modified together with package content, allowing |
- CVE-2026-31839Mar 11, 2026affected >= 0.9.22-0, < 3.0.0fixed 3.0.0
Striae is a firearms examiner's comparison companion. A high-severity integrity bypass vulnerability existed in Striae's digital confirmation workflow prior to v3.0.0. Hash-only validation trusted manifest hash fields that could be modified together with package content, allowing