PANews reported on April 23 that according to The Block, the XRP Ledger Foundation warned that the recently released new version of the XRPL JavaScript library used to build applications may have potential vulnerabilities and urged projects to update to patched versions of the code. The problem was discovered by Charlie Eriksen, a malware researcher at Aikido Security, who said this "backdoor" could lead to a "potentially catastrophic" supply chain attack. The affected versions are v4.2.1 to v4.2.4 and v2.14.2, limited to code hosted on NPM. The foundation has released a fixed version v4.2.5 and recommends that related projects upgrade as soon as possible. The vulnerability does not affect the XRP Ledger itself or its GitHub code base.
XRP Ledger discloses a vulnerability in the new version of the XRPL JavaScript library and recommends that projects upgrade to the fixed version as soon as possible
Share to:
Follow PANews official accounts, let's navigate bull and bear markets together
Recommended Reading
PA一线2 hour agoPA一线3 hour ago
Pioneer's View: Crypto Celebrity Interviews
Exclusive interviews with crypto celebrities, sharing unique observations and insights
PAData: Web3 in Data
Data analysis and visualization reporting of industry hot spots
Memecoin Supercycle: The hype around attention tokenization
From joke culture to the trillion-dollar race, Memecoin has become an integral part of the crypto market. In this Memecoin super cycle, how can we seize the opportunity?
AI Agent: A Journey to Web3
The AI Agen innovation wave is sweeping the world. How will it take root in Web3? Let’s embark on this adventure together!