698 matches found
MAL-2026-5614 Malicious code in janus-erc20 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 728f3d5af5a999be016a49283fff2c5cedc0c5df445d2f078f1f9817dde22334 On npm install, postinstall.js harvests installer secrets and POSTs them to 193.203.169.109:8443/c/janus-erc20 over HTTPS with TLS verification...
Malicious code in janus-flow (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2d33c10c068a69d14d0333b93de7745caffd62013c57de6c55f20a6b53ffdcb1 On npm install, the package's postinstall hook node postinstall.js 2/dev/null || true silently runs a credential harvester against the installer...
PT-2026-44990
Name of the Vulnerable Software and Affected Versions FreeSWITCH versions prior to 1.11.0 Description The bundled XML parser in FreeSWITCH expands nested declarations without a depth or count bound. This allows a small Document Type Definition DTD to describe a body that expands exponentially, a...
CVE-2020-10574
An issue was discovered in Janus through 0.9.1. janus.c tries to use a string that doesn't actually exist during a "querylogger" Admin API request, because of a typo in the JSON validation...
CVE-2020-10575
An issue was discovered in Janus through 0.9.1. plugins/janusvideocall.c in the VideoCall plugin mishandles session management because a race condition causes some references to be freed too early or too many times...
CVE-2020-10573
An issue was discovered in Janus through 0.9.1. janusaudiobridge.c has a double mutex unlock when listing private rooms in AudioBridge...
Malicious Package
Overview usage-tracker-janus is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in usage-tracker-janus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8998ae7ec51b23bfdefe724e7c4bc34ad623362708f171a1c3ffcf4e98be15e0 The package usage-tracker-janus was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-204508
Malicious code in usage-tracker-janus npm...
MAL-2025-192644 Malicious code in usage-tracker-janus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8998ae7ec51b23bfdefe724e7c4bc34ad623362708f171a1c3ffcf4e98be15e0 The package usage-tracker-janus was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-178307
Malicious code in janus-mysql-delphinus-convict npm...
EUVD-2025-178309
Malicious code in janus-greatfilter-cosmiconfig-ursa npm...
Malicious code in janus-dagda-query-ceres (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector afb85b42a5c537dcd9141514d6280fb515d53ef44c3e7801ea47c15aa7a3fa71 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-180168
Malicious code in axios-mineralogy-pyxis-janus npm...
EUVD-2025-178076
Malicious code in lint-janus-juno-blueshift npm...
EUVD-2025-178499
Malicious code in hugo-capella-janus-nucleosynthesis npm...
Malicious code in janus-greatfilter-cosmiconfig-ursa (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4678fcb16a0b7adb4817edb4b06bec8c2c550bf2f68a2e83f948eed4985d886a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-178301
Malicious code in janus-remark-thuban-sails npm...
Malicious code in stream-janus-soap-juno (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd0748be6aaa678054ffec1227c9412d1378a7a4ce501ac61fd6eab94006e013 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-177034
Malicious code in procyon-cluster-janus-fomalhaut npm...