Open rafinskipg opened 1 month ago
Describe the bug Thers a dependency of wallet connect called untun that seems to be able to execute arbitrary code. Which can be a high security risk.
untun
Please, evaluate the risk
The dependency path is : walletconnect -> unstorage -> listhen -> untun
https://github.com/wevm/wagmi/issues/4127
CR-482 Dangerous 3rd party package
linear[bot]
commented
1 month ago linear[bot]
commented
1 month ago
Describe the bug Thers a dependency of wallet connect called
untunthat seems to be able to execute arbitrary code. Which can be a high security risk.Please, evaluate the risk
The dependency path is : walletconnect -> unstorage -> listhen -> untun
https://github.com/wevm/wagmi/issues/4127