5 matches found
@alicloud/cloud-charts (>=0.1.0 <=0.1.10), @alicloud/console-charts (>=0.1.0 <=0.3.0) +139 more potentially affected by unknown CVE via @antv/g2-brush (=0.0.2)
@antv/g2-brush NPM version =0.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/g2-brush and may be impacted: - @alicloud/cloud-charts =0.1.0, =0.1.0, =0.0.113, =0.0.113, =0.1.4-beta-3.3, =2.5.1, =0.0.5, =0.0.5, =0.0.5, =0.0.5, =0.0.5, =0.0.5,...
Malicious code in aliyun-sls (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in aliyun-sls_sdk (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-6578 Malicious code in aliyun-sls (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
Malicious Package
Overview aliyun-sls is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using aliyun-sls...