
We found results for “”
CVE-2025-27611
Good to know:

Date: April 30, 2025
base-x is a base encoder and decoder of any given alphabet using bitcoin style leading zero compression. Versions 4.0.0, 5.0.0, and all prior to 3.0.11, are vulnerable to attackers potentially deceiving users into sending funds to an unintended address. This issue has been patched in versions 3.0.11, 4.0.1, and 5.0.1.
Severity Score
Severity Score
Weakness Type (CWE)
Insufficient Visual Distinction of Homoglyphs Presented to User
CWE-1007Top Fix

Upgrade Version
Upgrade to version base-x - 5.0.1;base-x - 4.0.1;base-x - 3.0.11;https://github.com/cryptocoinjs/base-x.git - v5.0.1;https://github.com/cryptocoinjs/base-x.git - v4.0.1;https://github.com/cryptocoinjs/base-x.git - v3.0.11
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | NONE |
Integrity (I): | HIGH |
Availability (A): | NONE |