676 matches found
MAL-2025-191003 Malicious code in react-native-phone-call (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e134ec88971e1ecadce79d1699bde00b798633b1ef9a0f6ebb2dbf67a51cdf5 The package react-native-phone-call was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-199040
Malicious code in react-native-phone-call npm...
EUVD-2025-199039
Malicious code in react-native-retriable-fetch npm...
Malicious code in react-native-retriable-fetch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f7a3d5e2b867c8c149b9f1a79751ad5cfa9699fe24ec38d49770f9f80a37b3aa The package react-native-retriable-fetch was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191004 Malicious code in react-native-retriable-fetch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f7a3d5e2b867c8c149b9f1a79751ad5cfa9699fe24ec38d49770f9f80a37b3aa The package react-native-retriable-fetch was found to contain malicious code. Source: ghsa-malware...
Malicious code in react-native-view-finder (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 05a61e7a0f7e8f74f89c9dddee6548199270ab45dd47056248e1467bfecca1e4 The package react-native-view-finder was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-199038
Malicious code in react-native-view-finder npm...
MAL-2025-191005 Malicious code in react-native-view-finder (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 05a61e7a0f7e8f74f89c9dddee6548199270ab45dd47056248e1467bfecca1e4 The package react-native-view-finder was found to contain malicious code. Source: ghsa-malware...
Malicious code in react-native-websocket (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f48d8c015af60bd1c1cbe48b9005dbbde091d8abc3763d25544d978b8b133094 The package react-native-websocket was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191006 Malicious code in react-native-websocket (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f48d8c015af60bd1c1cbe48b9005dbbde091d8abc3763d25544d978b8b133094 The package react-native-websocket was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-199037
Malicious code in react-native-websocket npm...
EUVD-2025-198911
Malicious code in @seung-ju/react-native-action-sheet npm...
EUVD-2025-198901
Malicious code in posthog-react-native npm...
Malicious code in @seung-ju/react-native-action-sheet (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4a093775c06aa43c37f1449879903040ac8d4670967b0fc9931be9fc842d3c72 The package @seung-ju/react-native-action-sheet was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190926 Malicious code in posthog-react-native (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bdc429049d0797390f57bc821cabd2d46fad88c5363136fc96bab4b5497000fe The package posthog-react-native was found to contain malicious code. Source: google-open-source-security...
Malicious code in posthog-react-native (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bdc429049d0797390f57bc821cabd2d46fad88c5363136fc96bab4b5497000fe The package posthog-react-native was found to contain malicious code. Source: google-open-source-security...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
@jbrowse/core (>=1.4.0 <=1.7.3), @persistr/js (>=3.6.3 <=3.14.0) +5 more potentially affected by unknown CVE via tenacious-fetch (=2.3.1)
tenacious-fetch NPM version =2.3.1 is affected by a known vulnerability. The following packages have a transitive dependency on tenacious-fetch and may be impacted: - @jbrowse/core =1.4.0, =3.6.3, =1.0.5, =1.0.0, =1.2.0 Source cves: unknown CVE Source advisory: SNYK:JS-TENACIOUSFETCH-14103737...
module-mobile-js (>=1.3.8 <=1.4.0), react-native-iris-sdk (>=3.3.16 <=3.3.31) potentially affected by unknown CVE via react-native-log-level (=1.2.0)
react-native-log-level NPM version =1.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on react-native-log-level and may be impacted: - module-mobile-js =1.3.8, =3.3.16, =3.3.31 Source cves: unknown CVE Source advisory:...