Homepage

cryptoasset-data-downloader@1.0.1 vulnerabilities

A desktop application to download historical data of desired crypto assets by connecting several different crypto-exchanges' API

  • latest version

    1.0.9

  • latest non vulnerable version

    1.0.9

  • first published

    4 years ago

  • latest version published

    4 years ago

  • licenses detected

  • View cryptoasset-data-downloader package health on Snyk Advisor  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the cryptoasset-data-downloader package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • C
    Remote Code Execution (RCE)

    cryptoasset-data-downloader is an A desktop application to download historical data of desired crypto assets by connecting several different crypto-exchanges' API

    Affected versions of this package are vulnerable to Remote Code Execution (RCE) such that it contains a backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

    How to fix Remote Code Execution (RCE)?

    Upgrade cryptoasset-data-downloader to version 1.0.2 or higher.

    [,1.0.2)
    Go back to all versions of this package