Components Vulnerabilities Pricing MCP API

Docs

Find vulnerabilities. Fix fast with AI.

Search components by package, version, or CVE to get started.

Get full component data and automated fixes with Sonatype Guide.

maven

org.webjars.bowergithub.chainsafe

web3.js

1.7.0

web3.js 1.7.0

org.webjars.bowergithub.chainsafe

PublishedJan 26, 2022•Policy

compliance

maven Registry

Developer Trust Score

Recommended Version:x.y.z

Recommended upgrade that meets your policy.

Compare Versions

Get full component data and automated fixes with Sonatype Guide.

maven

org.webjars.bowergithub.chainsafe

web3.js

1.7.0

web3.js 1.7.0

org.webjars.bowergithub.chainsafe

PublishedJan 26, 2022•Policy

compliance

maven Registry

Developer Trust Score

Recommended Version:x.y.z

Recommended upgrade that meets your policy.

Compare Versions

Severity

Critical (0)

High (0)

Medium (2)

Low (0)

CVSS Score

0.010.0

EPSS Score

0.01.0

Malware

KEV StatusPublished

6.3CVE-2025-57329

web3-core-method is a package designed to creates the methods on the web3 modules. A Prototype Pollution vulnerability in the attachToObject function of web3-core-method version 1.10.4 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service (DoS) as the minimum consequence.

affected

SeverityMedium

PublishedSep 26, 2025

5.3sonatype-2019-0184

web3 - Information Disclosure

affected

SeverityMedium

PublishedMay 1, 2019

Severity

Critical (0)

High (0)

Medium (2)

Low (0)

CVSS Score

0.010.0

EPSS Score

0.01.0

Malware

KEV StatusPublished

6.3CVE-2025-57329

affected

SeverityMedium

PublishedSep 26, 2025

5.3sonatype-2019-0184

web3 - Information Disclosure

affected

SeverityMedium

PublishedMay 1, 2019