5 matches found
EUVD-2025-199504
Malicious code in @dev-blinq/ai-qa-logic npm...
Malicious code in @dev-blinq/ai-qa-logic (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6bcfefccc1ff9a7579321c6e45d16fc6aa94b9eaa45952fe47d415c2ffcde9a4 The package @dev-blinq/ai-qa-logic was found to contain malicious code. Source: ghsa-malware...
@dev-blinq/ai-qa-logic (=1.0.3) potentially affected by unknown CVE via @dev-blinq/ai-qa-logic (=1.0.18)
@dev-blinq/ai-qa-logic NPM version =1.0.18 is affected by a known vulnerability. The following packages have a transitive dependency on @dev-blinq/ai-qa-logic and may be impacted: - @dev-blinq/ai-qa-logic =1.0.3 Source cves: unknown CVE Source advisory: OSV:MAL-2025-191210...
@dev-blinq/ai-qa-logic (>=1.0.0 <=1.0.18), @dev-blinq/cucumber_client (>=0.0.1 <=1.0.1633-dev) potentially affected by unknown CVE via automation_model (>=1.0.1-amdocs <=1.0.894-dev)
automationmodel NPM version =1.0.1-amdocs, =1.0.0, =0.0.1, =1.0.1633-dev Source cves: unknown CVE Source advisory: OSV:MAL-2025-191066...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...