agentgg
MEDIUM · confirmed · vulnerable-dependency · unstable-version-in-production · 3d41c6dd22a0

z85 pinned to 0.0.x — pre-release used in production

`z85` is pulled in as `^0.0.2`, a 0.0.x range the brief specifically calls out as production-risky.

File: package.json
Lines: 148-148
Confidence: 55%
File status: validated
Details

The manifest contains:

"z85": "^0.0.2",

Like `median` above, `^0.0.2` only matches `0.0.2` exactly under semver, and indicates the upstream has never declared a stable release. Encoding/decoding libraries pinned at 0.0.x are a recurring source of supply-chain trouble (low maintainer activity, easy to typosquat or take over) and the brief lists this pattern as flag-worthy.

Proof of concept

Check the npm registry: z85 shows minimal maintenance activity and no 1.x release. Any future hostile takeover would land in production without test coverage.

Impact

Long-tail supply-chain risk on any path that encodes/decodes binary blobs through z85. No authentication needed to exercise the dependency once it is reachable from a request path.

Validation
confirmed

The package.json line "z85": "^0.0.2" is present exactly as described. Under semver, ^0.0.2 only matches 0.0.2 (caret doesn't widen ranges in 0.0.x), confirming the dependency is locked to a pre-1.0 release with the well-known supply-chain hygiene concerns the finding describes. The finding is technically accurate as an unstable-version-in-production observation, though the "exploit" is a speculative future supply-chain risk rather than an active vulnerability — matching the detector's modest 0.55 confidence.

CVSS 3.1
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Base score: 5.6 · MEDIUM

The finding is a latent supply-chain risk: z85 is pinned at ^0.0.2, an unstable pre-release range, so a future hostile takeover/typosquat of the unmaintained package could ship malicious code into production. Exploitation reaches users over the network once z85 is invoked on an encode/decode path, with no auth or user interaction needed (AV:N, PR:N, UI:N), but it is contingent on a third-party event (registry takeover and publishing of a malicious version) that the attacker must arrange — that's the High Attack Complexity. Impact is bounded by what malicious code in a small encoder library can plausibly do within the Node process, so C/I/A are rated L rather than H, and the impact stays in the same component (Scope U) absent evidence of a sandbox/trust boundary crossing.
