Cloud Vulnerability DB
A community-led vulnerabilities database
Wiz Agents & Workflows are here
Vulnerability DatabaseGHSA-qr2g-p6q7-w82m
GHSA-qr2g-p6q7-w82m:
JavaScript vulnerability analysis and mitigation
Impact
A security vulnerability exists in outdated versions of the x402 SDK. This vulnerability does not affect users' private keys, smart contracts, or funds. The issue impacts resource servers accepting payments on Solana when the facilitator is running a vulnerable version of the x402 SDK.
Who Should Take Action
Facilitators that process payments on Solana must upgrade the x402 SDK to the patched versions listed below. Clients are not required to upgrade. Resource servers are not required to upgrade unless they operate their own facilitator (self-facilitate).
Patches
Please update to the following package versions:
- Npm: @x402/svm >= 2.6.0
- Pypi: x402 >= 2.3.0
- Go: x402 >= 2.5.0
Source: NVD
Related JavaScript vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management