[email protected] - Node stellar-sdk: lack of signature check, analyzed on 05/07/2021

Vigil@nce - Node stellar-sdk: lack of signature check, analyzed on 05/07/2021

The [email protected] team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.







Synthesis of the vulnerability 


An attacker can tamper with the serverAccountID in an application based on Node stellar-sdk.Vulnerable software: Nodejs Modules ~ not comprehensive.Severity of this announce: 1/4.Creation date: 05/07/2021.Références of this computer vulnerability: CVE-2021-32738, NPM-1764, VIGILANCE-VUL-35821.

Description of the vulnerability 


An attacker can tamper with the serverAccountID in an application based on Node stellar-sdk.Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This computer threat announce impacts software or systems such as Nodejs Modules ~ not comprehensive.

Our [email protected] team determined that the severity of this computer vulnerability is low.

The trust level is of type confirmed by the editor, with an origin of internet client.

An attacker with a expert ability can exploit this cybersecurity alert.

Solutions for this threat 


Node stellar-sdk: version 8.2.3.The version 8.2.3 is fixed.Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 


[email protected] provides application vulnerability bulletins. The technology watch team tracks security threats targeting the computer system.

Share this bulletin 



Support the originator by clicking the read the rest link below.