Malicious code in dotenv-xtend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6523f1fff137b4db7fd0ed316a5d88d808ecb32bf0456c9977cdae82564f15d The package dotenv-xtend was found to contain malicious code...

MAL-2026-2351 Malicious code in dotenv-xtend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6523f1fff137b4db7fd0ed316a5d88d808ecb32bf0456c9977cdae82564f15d The package dotenv-xtend was found to contain malicious code...

EUVD-2020-16362

Malware in sbrugna...

EUVD-2022-5161

Malicious code in bioql PyPI...

CVE-2020-23618

A reflected cross site scripting XSS vulnerability in Xtend Voice Logger 1.0 allows attackers to execute arbitrary web scripts or HTML, via the path of the error page...

GHSA-RFJ2-4G26-7JW5 Potentially compromised builds

All Xtext & Xtend versions prior to 2.18.0 were built using HTTP instead of HTTPS file transfer and thus the built artifacts may have been compromised...

CVE-2019-10249

All Xtext & Xtend versions prior to 2.18.0 were built using HTTP instead of HTTPS file transfer and thus the built artifacts may have been compromised...

Xtend Cross-Site Scripting Vulnerability

Xtend is a general-purpose high-level programming language for the Eclipse Foundation's Java Virtual Machine. Xtend Voice Logger version 1.0 has a security vulnerability that stems from a cross-site scripting vulnerability in the error page. An attacker can use the vulnerability to execute...

CVE-2020-23618

A reflected cross site scripting XSS vulnerability in Xtend Voice Logger 1.0 allows attackers to execute arbitrary web scripts or HTML, via the path of the error page...

CVE-2020-23618

A reflected cross site scripting XSS vulnerability in Xtend Voice Logger 1.0 allows attackers to execute arbitrary web scripts or HTML, via the path of the error page...

Cross site scripting

A reflected cross site scripting XSS vulnerability in Xtend Voice Logger 1.0 allows attackers to execute arbitrary web scripts or HTML, via the path of the error page...

CVE-2020-23618

CVE-2020-23618: Reflected XSS in Xtend Voice Logger 1.0 . Multiple connected records confirm a reflected cross-site scripting vulnerability in the error page path of Xtend Voice Logger 1.0, enabling attackers to execute arbitrary web scripts/HTML in a victim’s browser. The CVE is documented with ...

CVE-2020-23618

A reflected cross site scripting XSS vulnerability in Xtend Voice Logger 1.0 allows attackers to execute arbitrary web scripts or HTML, via the path of the error page...

Xtend 跨站脚本漏洞

Xtend is a general-purpose high-level programming language for the Eclipse Foundation's Java Virtual Machine. Xtend Voice Logger version 1.0 has a security vulnerability that stems from a cross-site scripting vulnerability in the error page. An attacker can use the vulnerability to execute...

Man-in-the-Middle (MitM)

Xtend Maven Plugin is vulnerable to man-in-the-middle MitM attack. The plugins are downloaded over an insecure HTTP channel, which would allow a man-in-the-middle attacker to modify and add malicious code into the plugins...

CVE-2019-10249

All Xtext & Xtend versions prior to 2.18.0 were built using HTTP instead of HTTPS file transfer and thus the built artifacts may have been compromised...

CVE-2019-10249

All Xtext & Xtend versions prior to 2.18.0 were built using HTTP instead of HTTPS file transfer and thus the built artifacts may have been compromised...

Design/Logic Flaw

All Xtext & Xtend versions prior to 2.18.0 were built using HTTP instead of HTTPS file transfer and thus the built artifacts may have been compromised...

CVE-2019-10249

All Xtext & Xtend versions prior to 2.18.0 were built using HTTP instead of HTTPS file transfer and thus the built artifacts may have been compromised...

CVE-2019-10249

CVE-2019-10249 affects all Xtext and Xtend versions prior to 2.18.0 where artifacts were built over HTTP instead of HTTPS, creating a risk that build artifacts could be compromised. The connected sources corroborate a MITM-style risk during builds and describe a remediation: upgrade to org.eclips...