6 matches found
@aligent/cdk-esbuild (=2.1.0), @aligent/cdk-graphql-mesh-server (>=2.2.0 <=2.17.0) +242 more potentially affected by CVE-2025-23206 via aws-cdk-lib (>=2.0.0-alpha.4 <=2.176.0)
aws-cdk-lib NPM version =2.0.0-alpha.4, =2.2.0, =2.3.7, =2.1.0, =2.1.0, =2.0.0-beta, =5.0.31-acdk-upgrade-2-129.0, =2.16.0-acdk-upgrade-2-129.0, =5.0.31-acdk-upgrade-2-129.0, =3.7.10-acdk-upgrade-2-129.0, =3.1.19-acdk-upgrade-2-129.0, =5.7.5-acdk-upgrade-2-129.0, =3.5.10-acdk-upgrade-2-129.0,...
Malicious Package
Overview amplify-category-api-e2e-core is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if...
Malicious Package
Overview amplify-category-api-dynamodb-simulator is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only...
MAL-2022-976 Malicious code in amplify-category-api-dynamodb-simulator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8891bc9b89c5f04d865d23a8aaaa496f59bde6cca82becce21df120ddd894b9d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in amplify-category-api-dynamodb-simulator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8891bc9b89c5f04d865d23a8aaaa496f59bde6cca82becce21df120ddd894b9d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-977 Malicious code in amplify-category-api-e2e-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 12a35d0a8b1a0a8aec5fef2c0e459f6151837f40572441aa6110a0d5686cb858 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...