Malicious code in @hopper-b2b/flair (npm)

The package @hopper-b2b/flair was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...

MAL-2025-8068 Malicious code in @hopper-b2b/flair (npm)

The package @hopper-b2b/flair was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...

Arbitrary Code Injection

Overview flair is an A very simple framework for state-of-the-art NLP Affected versions of this package are vulnerable to Arbitrary Code Injection through the function ClusteringModel of the file flair\models\clustering.py. An attacker can execute arbitrary code by manipulating the input data to...