MAL-2025-7195 Malicious code in @crabas0npm/autem-cupiditate-amet (npm)

The package @crabas0npm/autem-cupiditate-amet was found to contain malicious code...

CVE-2025-7195

creationtimestamp| type| source ---|---|--- 2025-08-07 19:54:33+00:00| seen| Telegram/GpdUEKD5xg157H5x-57icFnmM1Ozjcs46k5Wo1TnLQR5r0...

CVE-2025-7195

Early versions of Operator-SDK provided an insecure method to allow operator containers to run in environments that used a random UID. Operator-SDK before 0.15.2 provided a script, usersetup, which modifies the permissions of the /etc/passwd file to 664 during build time. Developers who used...

CVE-2025-7195 Operator-sdk: privilege escalation due to incorrect permissions of /etc/passwd

Early versions of Operator-SDK provided an insecure method to allow operator containers to run in environments that used a random UID. Operator-SDK before 0.15.2 provided a script, usersetup, which modifies the permissions of the /etc/passwd file to 664 during build time. Developers who used...

CVE-2025-7195 Operator-sdk: privilege escalation due to incorrect permissions of /etc/passwd

Early versions of Operator-SDK provided an insecure method to allow operator containers to run in environments that used a random UID. Operator-SDK before 0.15.2 provided a script, usersetup, which modifies the permissions of the /etc/passwd file to 664 during build time. Developers who used...

CVE-2025-7195

Technical details about CVE-2025-7195 are not publicly available in the provided documents; monitor for updates.

CVE-2025-7195

Early versions of Operator-SDK provided an insecure method to allow operator containers to run in environments that used a random UID. Operator-SDK before 0.15.2 provided a script, usersetup, which modifies the permissions of the /etc/passwd file to 664 during build time. Developers who used...