x402 SDK vulnerable in outdated versions in resource servers for builders - x402-next

Description

There is a security vulnerability in outdated versions of the x402 SDK. This does not directly affect users’ keys, smart contracts, or funds.

This primarily impacts builders working on resource servers.

Recommendation

Update the x402-next package to the latest compatible version. Followings are version details:

• Affected version(s): < 0.5.2
• Patched version(s): 0.5.2

References

• GHSA-3j63-5h8p-gf7c

Related Issues

• x402 SDK vulnerable in outdated versions in resource servers for builders - x402 - Vulnerability
• x402 SDK vulnerable in outdated versions in resource servers for builders - x402-express - Vulnerability
• x402 SDK vulnerable in outdated versions in resource servers for builders - Vulnerability
• Sentry Next.js vulnerable to SSRF via Next.js SDK tunnel endpoint - CVE-2023-46729

You might also like:

How to Secure your NodeJs Express Javascript Application - part 1

How to Secure your NodeJs Express Javascript Application - part 2

10 Secure Coding Best Practices to Follow in Every Project

Tags:

npm

x402-next