Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Update Ethers.js from 5.0.30 to 5.3.0
ethers.js before 5.3.0 is using ws 7.2.3. This version of ws is vulnerable to Regular Expression Denial of Service (ReDoS). A specially crafted value of the Sec-Websocket-Protocol header can be used to significantly slow down a ws server. ethers.js 5.3.0 has been updated to use a version of ws that is not vulnerable to this. ethers-io/ethers.js#1634 websockets/ws@00c425e
- Loading branch information