Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:npm/%40solana/web3.js@1.43.0

Type npm

Namespace @solana

Name web3.js

Version 1.43.0

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 1.91.3

Latest_non_vulnerable_version 1.95.8

Affected_by_vulnerabilities

url VCID-fuf9-y3bd-a7hh

vulnerability_id VCID-fuf9-y3bd-a7hh

summary

@solana/web3.js vulnerable to Denial of Service attack via Message/Transaction object deserialization
Using particular inputs with `@solana/web3.js` will result in memory exhaustion (OOM).

If you have a server, client, mobile, or desktop product that accepts untrusted input for use with `@solana/web3.js`, your application/service may crash, resulting in a loss of availability.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-30253

reference_id

reference_type

scores

value	0.00142
scoring_system	epss
scoring_elements	0.34202
published_at	2026-06-06T12:55:00Z

value	0.00142
scoring_system	epss
scoring_elements	0.34149
published_at	2026-06-09T12:55:00Z

value	0.00142
scoring_system	epss
scoring_elements	0.34128
published_at	2026-06-08T12:55:00Z

value	0.00142
scoring_system	epss
scoring_elements	0.34168
published_at	2026-06-07T12:55:00Z

value	0.00142
scoring_system	epss
scoring_elements	0.34186
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-30253

reference_url

https://github.com/solana-labs/solana-web3.js

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/solana-labs/solana-web3.js

reference_url

https://github.com/solana-labs/solana-web3.js/commit/77d935221a4805107b20b60ae7c1148725e4e2d0

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-21T14:18:35Z/

url

https://github.com/solana-labs/solana-web3.js/commit/77d935221a4805107b20b60ae7c1148725e4e2d0

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-30253

reference_id

CVE-2024-30253

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-30253

reference_url

https://github.com/advisories/GHSA-8m45-2rjm-j347

reference_id

GHSA-8m45-2rjm-j347

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-8m45-2rjm-j347

reference_url

https://github.com/solana-labs/solana-web3.js/security/advisories/GHSA-8m45-2rjm-j347

reference_id

GHSA-8m45-2rjm-j347

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-21T14:18:35Z/

url

https://github.com/solana-labs/solana-web3.js/security/advisories/GHSA-8m45-2rjm-j347

fixed_packages

url pkg:npm/%40solana/web3.js@1.43.7

purl pkg:npm/%40solana/web3.js@1.43.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.43.7

url pkg:npm/%40solana/web3.js@1.44.4

purl pkg:npm/%40solana/web3.js@1.44.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.44.4

url pkg:npm/%40solana/web3.js@1.45.1

purl pkg:npm/%40solana/web3.js@1.45.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.45.1

url pkg:npm/%40solana/web3.js@1.46.1

purl pkg:npm/%40solana/web3.js@1.46.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.46.1

url pkg:npm/%40solana/web3.js@1.47.5

purl pkg:npm/%40solana/web3.js@1.47.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.47.5

url pkg:npm/%40solana/web3.js@1.48.1

purl pkg:npm/%40solana/web3.js@1.48.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.48.1

url pkg:npm/%40solana/web3.js@1.49.1

purl pkg:npm/%40solana/web3.js@1.49.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.49.1

url pkg:npm/%40solana/web3.js@1.50.2

purl pkg:npm/%40solana/web3.js@1.50.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.50.2

url pkg:npm/%40solana/web3.js@1.51.1

purl pkg:npm/%40solana/web3.js@1.51.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.51.1

url pkg:npm/%40solana/web3.js@1.52.1

purl pkg:npm/%40solana/web3.js@1.52.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.52.1

url pkg:npm/%40solana/web3.js@1.53.1

purl pkg:npm/%40solana/web3.js@1.53.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.53.1

url pkg:npm/%40solana/web3.js@1.54.2

purl pkg:npm/%40solana/web3.js@1.54.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.54.2

url pkg:npm/%40solana/web3.js@1.55.1

purl pkg:npm/%40solana/web3.js@1.55.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.55.1

url pkg:npm/%40solana/web3.js@1.56.3

purl pkg:npm/%40solana/web3.js@1.56.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.56.3

url pkg:npm/%40solana/web3.js@1.57.1

purl pkg:npm/%40solana/web3.js@1.57.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.57.1

url pkg:npm/%40solana/web3.js@1.58.1

purl pkg:npm/%40solana/web3.js@1.58.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.58.1

url pkg:npm/%40solana/web3.js@1.59.2

purl pkg:npm/%40solana/web3.js@1.59.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.59.2

url pkg:npm/%40solana/web3.js@1.60.1

purl pkg:npm/%40solana/web3.js@1.60.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.60.1

url pkg:npm/%40solana/web3.js@1.61.2

purl pkg:npm/%40solana/web3.js@1.61.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.61.2

url pkg:npm/%40solana/web3.js@1.62.2

purl pkg:npm/%40solana/web3.js@1.62.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.62.2

url pkg:npm/%40solana/web3.js@1.63.2

purl pkg:npm/%40solana/web3.js@1.63.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.63.2

url pkg:npm/%40solana/web3.js@1.64.1

purl pkg:npm/%40solana/web3.js@1.64.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.64.1

url pkg:npm/%40solana/web3.js@1.65.1

purl pkg:npm/%40solana/web3.js@1.65.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.65.1

url pkg:npm/%40solana/web3.js@1.66.6

purl pkg:npm/%40solana/web3.js@1.66.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.66.6

url pkg:npm/%40solana/web3.js@1.67.3

purl pkg:npm/%40solana/web3.js@1.67.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.67.3

url pkg:npm/%40solana/web3.js@1.68.2

purl pkg:npm/%40solana/web3.js@1.68.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.68.2

url pkg:npm/%40solana/web3.js@1.69.1

purl pkg:npm/%40solana/web3.js@1.69.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.69.1

url pkg:npm/%40solana/web3.js@1.70.4

purl pkg:npm/%40solana/web3.js@1.70.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.70.4

url pkg:npm/%40solana/web3.js@1.71.1

purl pkg:npm/%40solana/web3.js@1.71.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.71.1

url pkg:npm/%40solana/web3.js@1.72.1

purl pkg:npm/%40solana/web3.js@1.72.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.72.1

url pkg:npm/%40solana/web3.js@1.73.5

purl pkg:npm/%40solana/web3.js@1.73.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.73.5

url pkg:npm/%40solana/web3.js@1.74.1

purl pkg:npm/%40solana/web3.js@1.74.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.74.1

url pkg:npm/%40solana/web3.js@1.75.1

purl pkg:npm/%40solana/web3.js@1.75.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.75.1

url pkg:npm/%40solana/web3.js@1.76.1

purl pkg:npm/%40solana/web3.js@1.76.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.76.1

url pkg:npm/%40solana/web3.js@1.77.4

purl pkg:npm/%40solana/web3.js@1.77.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.77.4

url pkg:npm/%40solana/web3.js@1.78.8

purl pkg:npm/%40solana/web3.js@1.78.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.78.8

url pkg:npm/%40solana/web3.js@1.79.1

purl pkg:npm/%40solana/web3.js@1.79.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.79.1

url pkg:npm/%40solana/web3.js@1.80.1

purl pkg:npm/%40solana/web3.js@1.80.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.80.1

url pkg:npm/%40solana/web3.js@1.81.1

purl pkg:npm/%40solana/web3.js@1.81.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.81.1

url pkg:npm/%40solana/web3.js@1.82.1

purl pkg:npm/%40solana/web3.js@1.82.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.82.1

url pkg:npm/%40solana/web3.js@1.83.1

purl pkg:npm/%40solana/web3.js@1.83.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.83.1

url pkg:npm/%40solana/web3.js@1.84.1

purl pkg:npm/%40solana/web3.js@1.84.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.84.1

url pkg:npm/%40solana/web3.js@1.85.1

purl pkg:npm/%40solana/web3.js@1.85.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.85.1

url pkg:npm/%40solana/web3.js@1.86.1

purl pkg:npm/%40solana/web3.js@1.86.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.86.1

url pkg:npm/%40solana/web3.js@1.87.7

purl pkg:npm/%40solana/web3.js@1.87.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.87.7

url pkg:npm/%40solana/web3.js@1.88.1

purl pkg:npm/%40solana/web3.js@1.88.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.88.1

url pkg:npm/%40solana/web3.js@1.89.2

purl pkg:npm/%40solana/web3.js@1.89.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.89.2

url pkg:npm/%40solana/web3.js@1.90.2

purl pkg:npm/%40solana/web3.js@1.90.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-fuf9-y3bd-a7hh

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.90.2

url	pkg:npm/%40solana/web3.js@1.91.3
purl	pkg:npm/%40solana/web3.js@1.91.3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.91.3

aliases CVE-2024-30253, GHSA-8m45-2rjm-j347

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fuf9-y3bd-a7hh

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:npm/%2540solana/web3.js@1.43.0

Package Instance