14 matches found
@antora/cli (>=2.3.2 <=3.0.0-alpha.9), @antora/playbook-builder (>=2.3.2 <=3.0.0-alpha.9) +100 more potentially affected by CVE-2026-33863 via convict (>=6.0.0 <=6.2.4)
convict NPM version =6.0.0, =2.3.2, =2.3.2, =2.3.2, =1.6.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.7.0 and more Source cves: CVE-2026-33863 Source advisory: SNYK:JS-CONVICT-15790594...
Malicious code in antora-navigator-extension (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea546d0e4728489bf022620518fcacbdeead708393058151148b3434c4651256 The package antora-navigator-extension was found to contain malicious code. Source: ossf-package-analysis...
EUVD-2025-37524
Malicious code in antora-navigator-extension npm...
MAL-2025-49348 Malicious code in antora-navigator-extension (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea546d0e4728489bf022620518fcacbdeead708393058151148b3434c4651256 The package antora-navigator-extension was found to contain malicious code. Source: ossf-package-analysis...
EUVD-2025-36791
Malicious code in @apache-felix/felix-antora-ui npm...
Malicious Package
Overview @apache-netbeans/netbeans-antora-ui is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization an...
Malicious code in @apache-felix/felix-antora-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b51d8cb92483d748cafc2b53ff5dfcef6b4c8e4dbe7b73c671a3a5cb338a9aaf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EUVD-2025-36790
Malicious code in @apache-netbeans/netbeans-antora-ui npm...
MAL-2025-48960 Malicious code in @apache-netbeans/netbeans-antora-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 64c5548a67ff295a5fef8341e288347ac54fd9677bfd0be6e0752cc670888f37 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-48959 Malicious code in @apache-felix/felix-antora-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b51d8cb92483d748cafc2b53ff5dfcef6b4c8e4dbe7b73c671a3a5cb338a9aaf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Spring Framework Reference Documentation Update
Starting with version 6.0.9, the Spring Framework reference documentation site is generated with Antora. This is a big change that brings many improvements. This blog post provides context around that. Overview For a long time the Spring Framework reference documentation had two versions, one...
46c-sector (>=1.0.0 <=1.2.1), @aatishgh/antora_site_generator_lunr_custom (>=0.4.0 <=0.4.3) +430 more potentially affected by CVE-2023-0163 via convict (>=0.0.6 <=6.2.3)
convict NPM version =0.0.6, =1.0.0, =0.4.0, =0.0.1, =0.0.2, =1.0.0, =1.0.0, =1.0.0, =2.2.0, =0.0.1, =1.0.0, =0.0.1, =2.1.0, =2.0.0, =3.0.2 and more Source cves: CVE-2023-0163 Source advisory: OSV:GHSA-4JRM-C32X-W4JF...
@antora/cli (>=2.3.2 <=3.0.0-alpha.9), @antora/playbook-builder (>=2.3.2 <=3.0.0-alpha.9) +54 more potentially affected by CVE-2022-21190 +1 more via convict (>=6.0.0 <=6.2.2)
convict NPM version =6.0.0, =2.3.2, =2.3.2, =2.3.2, =1.6.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.7.0 and more Source cves: CVE-2022-21190, CVE-2022-22143 Source advisory: SNYK:JS-CONVICT-2774757...
@antora/cli (>=2.3.2 <=3.0.0-alpha.9), @antora/playbook-builder (>=2.3.2 <=3.0.0-alpha.9) +53 more potentially affected by CVE-2022-22143 via convict (>=6.0.0 <=6.2.1)
convict NPM version =6.0.0, =2.3.2, =2.3.2, =2.3.2, =1.6.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.7.0 and more Source cves: CVE-2022-22143 Source advisory: SNYK:JS-CONVICT-2340604...