Components
Vulnerabilities
Pricing
MCP
API
Docs
Sign up
Login
finchain-client 1.4.7 | Vulnerabilities | Sonatype Guide
npm
finchain-client
1.4.7
finchain-client 1.4.7
Latest
Published
Dec 25, 2019
•
Policy
compliance
npm Registry
Developer Trust Score
N/A
Recommended Version:
x.y.z
Latest version with 0 known vulnerabilities that meets your policy.
Compare Versions
Overview
Overview
Versions
16
Versions
16
Vulnerabilities
1
Vulnerabilities
1
Dependencies
24
Dependencies
24
Reset filters
Severity
Critical
(0)
High
(1)
Medium
(0)
Low
(0)
CVSS Score
0.0
10.0
EPSS Score
0.0
1.0
Malware
KEV Status
Published
Filter
Sort: Published (Newest first)
8.7
CVE-2026-23965
sm-crypto provides JavaScript implementations of the Chinese cryptographic algorithms SM2, SM3, and SM4. A signature forgery vulnerability exists in the SM2 signature verification logic of sm-crypto prior to version 0.4.0. Under default configurations, an attacker can forge valid signatures for arbitrary public keys. If the message space contains sufficient redundancy, the attacker can fix the prefix of the message associated with the forged signature to satisfy specific formatting requirements. Version 0.4.0 patches the issue.
affected
Severity
High
Published
Jan 22, 2026
