search

safbc / Ethereum

Exploring and evaluating blockchains. This repo is focused on using Ethereum as the platform.
30 stars 18 forks source link

check those volnerabilities found by Snyk #2

Open AlGolden opened 6 years ago

AlGolden commented 6 years ago

https://snyk.io/test/github/springblock/Ethereum

  1. Arbitrary Code Injection Vulnerable module: growl Introduced through: grunt-mocha-cli@2.1.0

2.Command Injection Vulnerable module: shelljs Introduced through: grunt-contrib-jshint@1.1.0 Detailed paths

Introduced through: blockchaininfrastructure@springblock/Ethereum#1267a1b257840e259f7a1c514a3e8656f9e1b2e3 › grunt-contrib-jshint@1.1.0 › jshint@2.9.5 › shelljs@0.3.0

  1. Prototype Override Protection Bypass Vulnerable module: qs Introduced through: grunt-contrib-watch@1.0.0 Detailed paths

Introduced through: blockchaininfrastructure@springblock/Ethereum#1267a1b257840e259f7a1c514a3e8656f9e1b2e3 › grunt-contrib-watch@1.0.0 › tiny-lr@0.2.1 › qs@5.1.0 Introduced through: blockchaininfrastructure@springblock/Ethereum#1267a1b257840e259f7a1c514a3e8656f9e1b2e3 › grunt-contrib-watch@1.0.0 › tiny-lr@0.2.1 › body-parser@1.14.2 › qs@5.2.0

status-open-bounty commented 6 years ago

Current balance: 0.0 ETH Contract address: 0x92e5c20ab7173ec10be09e02aab5efec648f7629 QR Code Network: Testnet (Ropsten) To claim this bounty sign up at https://testing.openbounty.status.im and make sure to update your Ethereum address in My Payment Details so that the bounty is correctly allocated. To fund it, send test ETH or test ERC20/ERC223 tokens to the contract address.