GHSA-33qr-m49q-rxfx: Duplicate

April 22, 2025 (updated January 26, 2026)

This advisory duplicates another.

References

github.com/XRPLF/xrpl.js
github.com/XRPLF/xrpl.js/security/advisories/GHSA-33qr-m49q-rxfx
github.com/advisories/GHSA-33qr-m49q-rxfx
www.aikido.dev/blog/xrp-supplychain-attack-official-npm-package-infected-with-crypto-stealing-backdoor
xrpl.org/docs/tutorials/how-tos/manage-account-settings/assign-a-regular-key-pair
xrpl.org/docs/tutorials/how-tos/manage-account-settings/disable-master-key-pair

Code Behaviors & Features

Detect and mitigate GHSA-33qr-m49q-rxfx with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →