@lodestar/reqresp@1.16.0-dev.3bbb3d9871 vulnerabilities

licenses detected

Direct Vulnerabilities

Known vulnerabilities in the @lodestar/reqresp package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
M Improper Validation of Integrity Check Value @lodestar/reqresp is an A Typescript implementation of the Ethereum Consensus Req/Resp protocol Affected versions of this package are vulnerable to Improper Validation of Integrity Check Value. An attacker can manipulate the processing of uncompressed data chunks by providing a malformed input that bypasses the checksum verification. How to fix Improper Validation of Integrity Check Value? Upgrade `@lodestar/reqresp` to version 1.25.0 or higher.	<1.25.0

Improper Validation of Integrity Check Value

@lodestar/reqresp is an A Typescript implementation of the Ethereum Consensus Req/Resp protocol

Affected versions of this package are vulnerable to Improper Validation of Integrity Check Value. An attacker can manipulate the processing of uncompressed data chunks by providing a malformed input that bypasses the checksum verification.

How to fix Improper Validation of Integrity Check Value?

Upgrade @lodestar/reqresp to version 1.25.0 or higher.

<1.25.0

Go back to all versions of this package