Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:npm/%40solana/web3.js@1.49.0

Type npm

Namespace @solana

Name web3.js

Version 1.49.0

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 1.91.3

Latest_non_vulnerable_version 1.95.8

Affected_by_vulnerabilities

url VCID-5ysu-hj1h-bub5

vulnerability_id VCID-5ysu-hj1h-bub5

summary @solana/web3.js is the Solana JavaScript SDK. Using particular inputs with `@solana/web3.js` will result in memory exhaustion (OOM). If you have a server, client, mobile, or desktop product that accepts untrusted input for use with `@solana/web3.js`, your application/service may crash, resulting in a loss of availability. This vulnerability is fixed in 1.0.1, 1.10.2, 1.11.1, 1.12.1, 1.1.2, 1.13.1, 1.14.1, 1.15.1, 1.16.2, 1.17.1, 1.18.1, 1.19.1, 1.20.3, 1.21.1, 1.22.1, 1.23.1, 1.24.3, 1.25.1, 1.26.1, 1.27.1, 1.28.1, 1.2.8, 1.29.4, 1.30.3, 1.31.1, 1.3.1, 1.32.3, 1.33.1, 1.34.1, 1.35.2, 1.36.1, 1.37.3, 1.38.1, 1.39.2, 1.40.2, 1.41.11, 1.4.1, 1.42.1, 1.43.7, 1.44.4, 1.45.1, 1.46.1, 1.47.5, 1.48.1, 1.49.1, 1.50.2, 1.51.1, 1.5.1, 1.52.1, 1.53.1, 1.54.2, 1.55.1, 1.56.3, 1.57.1, 1.58.1, 1.59.2, 1.60.1, 1.61.2, 1.6.1, 1.62.2, 1.63.2, 1.64.1, 1.65.1, 1.66.6, 1.67.3, 1.68.2, 1.69.1, 1.70.4, 1.71.1, 1.72.1, 1.7.2, 1.73.5, 1.74.1, 1.75.1, 1.76.1, 1.77.4, 1.78.8, 1.79.1, 1.80.1, 1.81.1, 1.8.1, 1.82.1, 1.83.1, 1.84.1, 1.85.1, 1.86.1, 1.87.7, 1.88.1, 1.89.2, 1.90.2, 1.9.2, and 1.91.3.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-30253

reference_id

reference_type

scores

value	0.00142
scoring_system	epss
scoring_elements	0.34187
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-30253

reference_url

https://github.com/solana-labs/solana-web3.js

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/solana-labs/solana-web3.js

reference_url

https://github.com/solana-labs/solana-web3.js/commit/77d935221a4805107b20b60ae7c1148725e4e2d0

reference_id

77d935221a4805107b20b60ae7c1148725e4e2d0

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-21T14:18:35Z/

url

https://github.com/solana-labs/solana-web3.js/commit/77d935221a4805107b20b60ae7c1148725e4e2d0

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-30253

reference_id

CVE-2024-30253

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-30253

reference_url

https://github.com/advisories/GHSA-8m45-2rjm-j347

reference_id

GHSA-8m45-2rjm-j347

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-8m45-2rjm-j347

reference_url

https://github.com/solana-labs/solana-web3.js/security/advisories/GHSA-8m45-2rjm-j347

reference_id

GHSA-8m45-2rjm-j347

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-21T14:18:35Z/

url

https://github.com/solana-labs/solana-web3.js/security/advisories/GHSA-8m45-2rjm-j347

fixed_packages

url pkg:npm/%40solana/web3.js@1.49.1

purl pkg:npm/%40solana/web3.js@1.49.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.49.1

url pkg:npm/%40solana/web3.js@1.50.2

purl pkg:npm/%40solana/web3.js@1.50.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.50.2

url pkg:npm/%40solana/web3.js@1.51.1

purl pkg:npm/%40solana/web3.js@1.51.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.51.1

url pkg:npm/%40solana/web3.js@1.52.1

purl pkg:npm/%40solana/web3.js@1.52.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.52.1

url pkg:npm/%40solana/web3.js@1.53.1

purl pkg:npm/%40solana/web3.js@1.53.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.53.1

url pkg:npm/%40solana/web3.js@1.54.2

purl pkg:npm/%40solana/web3.js@1.54.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.54.2

url pkg:npm/%40solana/web3.js@1.55.1

purl pkg:npm/%40solana/web3.js@1.55.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.55.1

url pkg:npm/%40solana/web3.js@1.56.3

purl pkg:npm/%40solana/web3.js@1.56.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.56.3

url pkg:npm/%40solana/web3.js@1.57.1

purl pkg:npm/%40solana/web3.js@1.57.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.57.1

url pkg:npm/%40solana/web3.js@1.58.1

purl pkg:npm/%40solana/web3.js@1.58.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.58.1

url pkg:npm/%40solana/web3.js@1.59.2

purl pkg:npm/%40solana/web3.js@1.59.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.59.2

url pkg:npm/%40solana/web3.js@1.60.1

purl pkg:npm/%40solana/web3.js@1.60.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.60.1

url pkg:npm/%40solana/web3.js@1.61.2

purl pkg:npm/%40solana/web3.js@1.61.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.61.2

url pkg:npm/%40solana/web3.js@1.62.2

purl pkg:npm/%40solana/web3.js@1.62.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.62.2

url pkg:npm/%40solana/web3.js@1.63.2

purl pkg:npm/%40solana/web3.js@1.63.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.63.2

url pkg:npm/%40solana/web3.js@1.64.1

purl pkg:npm/%40solana/web3.js@1.64.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.64.1

url pkg:npm/%40solana/web3.js@1.65.1

purl pkg:npm/%40solana/web3.js@1.65.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.65.1

url pkg:npm/%40solana/web3.js@1.66.6

purl pkg:npm/%40solana/web3.js@1.66.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.66.6

url pkg:npm/%40solana/web3.js@1.67.3

purl pkg:npm/%40solana/web3.js@1.67.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.67.3

url pkg:npm/%40solana/web3.js@1.68.2

purl pkg:npm/%40solana/web3.js@1.68.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.68.2

url pkg:npm/%40solana/web3.js@1.69.1

purl pkg:npm/%40solana/web3.js@1.69.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.69.1

url pkg:npm/%40solana/web3.js@1.70.4

purl pkg:npm/%40solana/web3.js@1.70.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.70.4

url pkg:npm/%40solana/web3.js@1.71.1

purl pkg:npm/%40solana/web3.js@1.71.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.71.1

url pkg:npm/%40solana/web3.js@1.72.1

purl pkg:npm/%40solana/web3.js@1.72.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.72.1

url pkg:npm/%40solana/web3.js@1.73.5

purl pkg:npm/%40solana/web3.js@1.73.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.73.5

url pkg:npm/%40solana/web3.js@1.74.1

purl pkg:npm/%40solana/web3.js@1.74.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.74.1

url pkg:npm/%40solana/web3.js@1.75.1

purl pkg:npm/%40solana/web3.js@1.75.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.75.1

url pkg:npm/%40solana/web3.js@1.76.1

purl pkg:npm/%40solana/web3.js@1.76.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.76.1

url pkg:npm/%40solana/web3.js@1.77.4

purl pkg:npm/%40solana/web3.js@1.77.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.77.4

url pkg:npm/%40solana/web3.js@1.78.8

purl pkg:npm/%40solana/web3.js@1.78.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.78.8

url pkg:npm/%40solana/web3.js@1.79.1

purl pkg:npm/%40solana/web3.js@1.79.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.79.1

url pkg:npm/%40solana/web3.js@1.80.1

purl pkg:npm/%40solana/web3.js@1.80.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.80.1

url pkg:npm/%40solana/web3.js@1.81.1

purl pkg:npm/%40solana/web3.js@1.81.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.81.1

url pkg:npm/%40solana/web3.js@1.82.1

purl pkg:npm/%40solana/web3.js@1.82.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.82.1

url pkg:npm/%40solana/web3.js@1.83.1

purl pkg:npm/%40solana/web3.js@1.83.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.83.1

url pkg:npm/%40solana/web3.js@1.84.1

purl pkg:npm/%40solana/web3.js@1.84.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.84.1

url pkg:npm/%40solana/web3.js@1.85.1

purl pkg:npm/%40solana/web3.js@1.85.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.85.1

url pkg:npm/%40solana/web3.js@1.86.1

purl pkg:npm/%40solana/web3.js@1.86.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.86.1

url pkg:npm/%40solana/web3.js@1.87.7

purl pkg:npm/%40solana/web3.js@1.87.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.87.7

url pkg:npm/%40solana/web3.js@1.88.1

purl pkg:npm/%40solana/web3.js@1.88.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.88.1

url pkg:npm/%40solana/web3.js@1.89.2

purl pkg:npm/%40solana/web3.js@1.89.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.89.2

url pkg:npm/%40solana/web3.js@1.90.2

purl pkg:npm/%40solana/web3.js@1.90.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5ysu-hj1h-bub5

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.90.2

url	pkg:npm/%40solana/web3.js@1.91.3
purl	pkg:npm/%40solana/web3.js@1.91.3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.91.3

aliases CVE-2024-30253, GHSA-8m45-2rjm-j347

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5ysu-hj1h-bub5

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.49.0

Package Instance