3 matches found
Malicious code in 0x2ai-demo7x (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c7e956073a7db6057e4d42af462dba0299152ca992c113d74c715e90574d0efb On npm install, scripts/postinstall.cjs copies the package's payload/ tree into the installer's project root process.env.INITCWD, placing...
Malicious code in 0x2ai-zoe (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 724bd98c39a8e4ff21b039fddeadfda7f0ef7e3c6be47e771d72efed77d02b1b On npm install, scripts/postinstall.cjs copies the entire payload/ tree into process.env.INITCWD the directory the developer ran npm from, depositing...
nnU-Net 安全漏洞
nnU-Net is an automatic adaptation dataset semantic segmentation framework developed by MIC-DKFZ. Versions of nnU-Net prior to 2.4.1 contained a security vulnerability. This vulnerability stemmed from the Issue Triage workflow, which allowed attackers to control content injection into the Claude...