dreamer-zq
commented
5 years ago @whodoyouremember Thank you, I will modify this code right away.
Open Remember-1 opened 5 years ago
dreamer-zq
commented
5 years ago @whodoyouremember Thank you, I will modify this code right away.
Remember-1
commented
5 years ago Is there any reward for this issue?
laserlemon
commented
5 years ago @zhiqiang-bianjie :wave: I'm on the team at GitHub responsible for delivering security vulnerability alerts. Is the irisnet-crypto package released to NPM or is it only installed via Git? Thank you!
dreamer-zq
commented
5 years ago @zhiqiang-bianjie 👋 I'm on the team at GitHub responsible for delivering security vulnerability alerts. Is the
irisnet-cryptopackage released to NPM or is it only installed via Git? Thank you!
Currently only installed via git, may pass npm later
In the util/utils.js file line 21 eval maybe execute malice code,