166 matches found
MAL-2026-437 Malicious code in lumo-api-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab5d24591ceb311425ae395bd2b1bf7f82818bd6c7946d669a19c619462fd755 The package lumo-api-client was found to contain malicious code. Source: ghsa-malware da916419989a0707bcaa3fc59ba24e3ef90e2ec5df35aa6cc1e81f8d3cb82c6...
Race Condition
com.okta.sdk, okta-sdk-api is vulnerable to a Race Condition. The vulnerability is due to concurrent use of the ApiClient class, where shared request state can cause response headers or status codes from one request to affect another, potentially leading to incorrect or unsafe API responses...
CVE-2025-67505
Okta Java Management SDK facilitates interactions with the Okta management API. In versions 11.0.0 through 20.0.0, race conditions may arise from concurrent requests using the ApiClient class. This could cause a status code or response header from one request’s response to influence another...
CVE-2025-67505
The CVE-2025-67505 entry describes a race condition in the Okta Java Management SDK (versions 11.0.0 through 20.0.0) caused by concurrent requests using the ApiClient class. This condition can allow the status code or response header from one request to influence another request’s response. Red H...
CVE-2025-67505 Race condition in the Okta Java SDK
Okta Java Management SDK facilitates interactions with the Okta management API. In versions 11.0.0 through 20.0.0, race conditions may arise from concurrent requests using the ApiClient class. This could cause a status code or response header from one request’s response to influence another...
Race condition in the Okta Java SDK
Description In the Okta Java SDK, race conditions may arise from concurrent requests using the ApiClient class. This could cause a status code or response header from one request’s response to influence another request’s response. Affected product and versions You may be affected if you meet the...
Missing Release of Memory after Effective Lifetime
Overview Affected versions of this package are vulnerable to Missing Release of Memory after Effective Lifetime due to improper cleanup of threads in multithreaded environments. An attacker can cause resource exhaustion and degrade application performance by repeatedly initiating requests in a...
PT-2025-50553
Name of the Vulnerable Software and Affected Versions Okta Java Management SDK versions 11.0.0 through 20.0.0 Description The Okta Java Management SDK, used for interacting with the Okta management API, is susceptible to race conditions when handling concurrent requests utilizing the ApiClient...
PT-2025-50545
Name of the Vulnerable Software and Affected Versions Okta Java Management SDK versions 21.0.0 through 24.0.0 Description The Okta Java Management SDK, used for interacting with the Okta management API, has a potential issue in multithreaded implementations. Versions 21.0.0 through 24.0.0 may...
EUVD-2025-199181
Malicious code in @lessondesk/api-client npm...
Malicious code in @varsityvibe/api-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d2a44aba3b7acd04a01442d5b341474ac6638d772aaac1716a726e819d48611 The package @varsityvibe/api-client was found to contain malicious code. Source: ghsa-malware...
Malicious code in haufe-axera-api-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e49957e5f8983a7e16bd6d6377b03e200addbb6bd6dcd834f6370b5fa5f77061 The package haufe-axera-api-client was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-199081
Malicious code in haufe-axera-api-client npm...
MAL-2025-190962 Malicious code in haufe-axera-api-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e49957e5f8983a7e16bd6d6377b03e200addbb6bd6dcd834f6370b5fa5f77061 The package haufe-axera-api-client was found to contain malicious code. Source: ghsa-malware...
Malicious Package
Overview badgekit-api-client is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2025-48774 Malicious code in badgekit-api-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 845af37fdbb4804eebee38f23aa25a4147f6e1d3a5e908d5d3bbe855105da3a3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in badgekit-api-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 845af37fdbb4804eebee38f23aa25a4147f6e1d3a5e908d5d3bbe855105da3a3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EUVD-2021-0889
Malware in sbrugna...
EUVD-2021-1049
Malware in sbrugna...
EUVD-2009-3826
Malware in sbrugna...