76 matches found
MAL-2023-440 Malicious code in figma-ping (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ebe1815dd250b41e64f2909a2e5146f9cd629767dda41d0a8b14058b18463501 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview pexels-figma is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...
Malicious Package
Overview polaris-for-figma is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package...
Malicious code in base-figma-docs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b0dd9075841d7abcb71ab19a2b5e2295a1a261b1570271b5f2e399f49337eb37 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @fbsystem/figma-intern-shell (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 89d273e9459a52f8724d5b65339a1a5e171ff28e3f44bba89b71c6ffdd0c5142 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @fbsystem/figma-messenger (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 71addafc4195bb495c6b65e56d535eb02c90e7fdc06b56a35ca98d98555c644a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-268 Malicious code in @fbsystem/figma-messenger (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 71addafc4195bb495c6b65e56d535eb02c90e7fdc06b56a35ca98d98555c644a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @fbsystem/figma-graphql (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ffcdcbc9429c0fa805533c9d10c14de74d0e13ff69d006e033802a11ac00733b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-266 Malicious code in @fbsystem/figma-graphql (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ffcdcbc9429c0fa805533c9d10c14de74d0e13ff69d006e033802a11ac00733b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in figma-intern-shell (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 30dc54296ac108766caff8eb4c2dbe81d1423412a122036236997a553b5e949d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-3029 Malicious code in figma-intern-shell (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 30dc54296ac108766caff8eb4c2dbe81d1423412a122036236997a553b5e949d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in figma-scripts (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4d59ca6bba936b6edfaeff51608257b13b753c0aa85f70620985f7708c1ea800 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-3030 Malicious code in figma-scripts (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4d59ca6bba936b6edfaeff51608257b13b753c0aa85f70620985f7708c1ea800 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in polaris-for-figma (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9f9cc72ba38bac2d8da8ceffd9f66c4cc9d2a95df2cc6eb80bf409e05bc7f4ec Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Figma: Race condition while removing the love react in community files.
The researcher found that the server-side code for handling the "unlike" function for community pages was vulnerable to a race condition. While logically one person is only allowed to remove the one like they had, a hundred requests at the same time could allow one person to do a hundred unlikes...
Isometric Illustrations in Figma
Figma is a powerful tool for interface development and prototyping. We use it to design our products and to create graphic layouts for marketing and other purposes. One of the most significant advantages of Figma is that it allows you to write custom plugins enabling third-party developers to...