Vulnerabilities Fixes - Githubissues

fireblocks / fireblocks-sdk-js

Typescript & Javascript SDK for developers using Fireblocks API

https://docs.fireblocks.com/api/swagger-ui/

MIT License

72 stars 69 forks source link

Vulnerabilities Fixes #305

Closed YoavBZ closed 2 weeks ago

YoavBZ commented 2 weeks ago

Pull Request Description

Fixes the following vulnerability issues:

C Improper Verification of Cryptographic Signature - CVE-2024-42459
C Improper Verification of Cryptographic Signature - CVE-2024-42460
C Improper Verification of Cryptographic Signature - CVE-2024-42461
H Prototype Pollution - CWE-1321
H Server-side Request Forgery (SSRF) - CVE-2024-39338
H Improper Verification of Cryptographic Signature - CVE-2024-48949
H Improper Verification of Cryptographic Signature - CVE-2024-48948
H Improper Handling of Extra Parameters - CVE-2023-26159
M Regular Expression Denial of Service (ReDoS) - CWE-1333
M Information Exposure - CVE-2024-28849

Type of change

[X] Bug fix (non-breaking change which fixes an issue)