@ensdomains/ens@0.3.11 vulnerabilities

Implementations for registrars and local resolvers for the Ethereum Name Service

latest version

0.6.2
latest non vulnerable version

0.6.2
first published

6 years ago
latest version published

3 years ago
licenses detected
- CC0-1.0
  >=0
View @ensdomains/ens package health on Snyk Advisor Open this link in a new tab

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the @ensdomains/ens package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
H Improper Authorization @ensdomains/ens is an implementation for registrars and local resolvers for the Ethereum Name Service. Affected versions of this package are vulnerable to Improper Authorization. A user who owns an ENS domain can set a "trapdoor", allowing them to transfer ownership to another user, and later regain ownership without the new owner's consent or awareness How to fix Improper Authorization? Upgrade `@ensdomains/ens` to version 0.4.0 or higher.	<0.4.0

Improper Authorization

@ensdomains/ens is an implementation for registrars and local resolvers for the Ethereum Name Service.

Affected versions of this package are vulnerable to Improper Authorization. A user who owns an ENS domain can set a "trapdoor", allowing them to transfer ownership to another user, and later regain ownership without the new owner's consent or awareness

How to fix Improper Authorization?

Upgrade @ensdomains/ens to version 0.4.0 or higher.

<0.4.0

Go back to all versions of this package

@ensdomains/ens@0.3.11 vulnerabilities

Implementations for registrars and local resolvers for the Ethereum Name Service

latest version

latest non vulnerable version

first published

latest version published

licenses detected

Direct Vulnerabilities