trustbloc / agent-sdk

Apache License 2.0

Upgrade Libraries to Fix Critical Vulnerabilities #457

Open biljanaLukovic opened 2 years ago

biljanaLukovic commented 2 years ago

In: test/ui-automation/package-lock.json
Type: Insufficient validation when decoding a Socket.IO packet #113
Severity: Critical
This should be fixed by:

https://github.com/socketio/socket.io-parser/commit/b5d0cb7dc56a0601a09b056beaeeb0e43b160050, included in socket.io-parser@4.2.1
https://github.com/socketio/socket.io-parser/commit/b559f050ee02bd90bd853b9823f8de7fa94a80d4, included in socket.io-parser@4.0.5

Upgrade:
Vulnerability Type: ReDoS
Severity: High
in /cmd/wallet-adapter-web
Library: minimatch
Vulnerable version: 3.0.4
Safe version: 3.1.2

Critical Severity
Vulnerability Type: 'mishandles witness size checking'
in test/mock/adapter/go.sum
Library: github.com/btcsuite/btcd (Go) < 0.23.2
Upgrade to: 0.23.2
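
A check for whether the upgrades listed above have landed, added here as an example (it is not part of the issue or the project's code): it reads npm lockfile and go.sum contents and reports every pinned copy of the three libraries that is outside the fixed versions the issue names. The function names and sample inputs are constructed, and treating versions the issue does not mention (for example socket.io-parser 4.1.x) as needing review is an assumption.

```python
import re

# Patched ranges from the issue: (first fixed, exclusive upper bound or None); assumption: all else is flagged.
PATCHED = {
    "socket.io-parser": [((4, 0, 5), (4, 1, 0)), ((4, 2, 1), None)],
    "minimatch": [((3, 1, 2), None)],
    "github.com/btcsuite/btcd": [((0, 23, 2), None)],
}

def parse(version):
    """'v0.22.0-beta' -> (0, 22, 0, 0); the last field is 0 for pre-releases."""
    m = re.match(r"v?(\d+)\.(\d+)\.(\d+)(-)?", version)
    if not m:
        raise ValueError(f"unparseable version: {version!r}")
    return tuple(int(x) for x in m.groups()[:3]) + (0 if m.group(4) else 1,)

def is_patched(name, version):
    v = parse(version)
    return any(v >= lo + (1,) and (hi is None or v < hi + (0,))
               for lo, hi in PATCHED[name])

def npm_versions(lock):
    """Yield (name, version) from lockfile v2/v3 'packages' and v1 'dependencies'."""
    for path, meta in lock.get("packages", {}).items():
        if path and "version" in meta:  # "" is the root project entry
            yield path.rsplit("node_modules/", 1)[-1], meta["version"]
    stack = [lock.get("dependencies", {})]
    while stack:  # v1 lockfiles nest transitive copies under 'dependencies'
        for name, meta in stack.pop().items():
            if "version" in meta:
                yield name, meta["version"]
            stack.append(meta.get("dependencies", {}))

def gosum_versions(text):
    """Yield (module, version) from go.sum lines, folding the '/go.mod' entries."""
    for fields in map(str.split, text.splitlines()):
        if len(fields) == 3:
            yield fields[0], fields[1].split("/", 1)[0]

def unpatched(pairs):
    return sorted({(n, v) for n, v in pairs if n in PATCHED and not is_patched(n, v)})

# Constructed sample inputs (not the repository's real lockfile, go.sum or hashes).
LOCK = {"lockfileVersion": 2, "packages": {
    "": {"name": "ui-automation"}, "node_modules/socket.io-parser": {"version": "4.0.4"},
    "node_modules/minimatch": {"version": "3.1.2"},
    "node_modules/glob/node_modules/minimatch": {"version": "3.0.4"}}}
GOSUM = ("github.com/btcsuite/btcd v0.22.0-beta h1:PLACEHOLDER=\n"
         "github.com/btcsuite/btcd v0.22.0-beta/go.mod h1:PLACEHOLDER=\n"
         "github.com/btcsuite/btcd v0.23.2 h1:PLACEHOLDER=\n")
```

For a real run, pass `json.load()` of the lockfile to `npm_versions` and the text of go.sum to `gosum_versions`. A go.sum file can keep hashes for versions that are in the module graph but not selected for the build, so confirm any btcd hit with `go list -m all`.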