VYPR

Solana Web3.js

by Solana Labs

Source repositories

CVEs (2)

  • CVE-2024-54134HigDec 4, 2024
    risk 0.47cvss epss 0.00

    A publish-access account was compromised for `@solana/web3.js`, a JavaScript library that is commonly used by Solana dapps. This allowed an attacker to publish unauthorized and malicious packages that were modified, allowing them to steal private key material and drain funds…

  • CVE-2024-30253HigApr 17, 2024
    risk 0.42cvss 7.5epss 0.01

    @solana/web3.js is the Solana JavaScript SDK. Using particular inputs with `@solana/web3.js` will result in memory exhaustion (OOM). If you have a server, client, mobile, or desktop product that accepts untrusted input for use with `@solana/web3.js`, your application/service may…