8 matches found
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the snappy:Decoder function. An attacker can cause excessive memory consumption and potential out-of-memory errors by sending malformed blocks that bypass request size limits. This...
MAL-2025-141755 Malicious code in dotenv-safe-hyperion-karma-stream (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41545b93f714faf7d695c18bdad4365cb382c7a187442a99e2252a943a2c2cdd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-123634
Malicious code in playwright-stream-playwright-acamar npm...
EUVD-2025-115203
Malicious code in command-gulp-stream-stream npm...
EUVD-2025-121599
Malicious code in stream-mysql-typeorm-halley npm...
MAL-2025-5588 Malicious code in wp-stream (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7bd25807808ab0722baeb487925a65428a1198b9ff17c596ae5c3a7ec1d05161 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
GHSA-26HG-CRH6-MJRW Directory Traversal
Affected versions of list-n-stream package 0.0.10 and before, are vulnerable to a directory traversal issue...
Directory Traversal
Affected versions of list-n-stream package 0.0.10 and before, are vulnerable to a directory traversal issue...