166 matches found
Malicious code in lyft-api-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 98ac8ee2b0e096fab5b480794e79170dbc9b2162464fdf0f1e0124de1575cfd5 The OpenSSF Package Analysis project identified 'lyft-api-client' @ 999.9.9 npm as malicious. It is considered malicious because: - The package...
MAL-2025-523 Malicious code in lyft-api-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 98ac8ee2b0e096fab5b480794e79170dbc9b2162464fdf0f1e0124de1575cfd5 The OpenSSF Package Analysis project identified 'lyft-api-client' @ 999.9.9 npm as malicious. It is considered malicious because: - The package...
Malicious code in iberia-api-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 319f6abf3b09e20e9437a49664f6cc30ab33e4f25254aedd9d3d440e46770d2e The OpenSSF Package Analysis project identified 'iberia-api-client' @ 999.9.9 npm as malicious. It is considered malicious because: - The packag...
MAL-2025-485 Malicious code in iberia-api-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 319f6abf3b09e20e9437a49664f6cc30ab33e4f25254aedd9d3d440e46770d2e The OpenSSF Package Analysis project identified 'iberia-api-client' @ 999.9.9 npm as malicious. It is considered malicious because: - The packag...
Malicious code in godaddy-api-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 724a0da7bd51020bd0cb61eeedbe68f99b1b5c60d9d2deb419fd7c686671a4ad The OpenSSF Package Analysis project identified 'godaddy-api-client' @ 999.9.9 npm as malicious. It is considered malicious because: - The packa...
MAL-2025-458 Malicious code in godaddy-api-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 724a0da7bd51020bd0cb61eeedbe68f99b1b5c60d9d2deb419fd7c686671a4ad The OpenSSF Package Analysis project identified 'godaddy-api-client' @ 999.9.9 npm as malicious. It is considered malicious because: - The packa...
Malicious code in coinbase-api-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a25de48e1e4b5422328ce0552b7bbefcbff48c60e5210c28c0a825009ca329b9 The OpenSSF Package Analysis project identified 'coinbase-api-client' @ 999.9.9 npm as malicious. It is considered malicious because: - The...
MAL-2025-415 Malicious code in coinbase-api-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a25de48e1e4b5422328ce0552b7bbefcbff48c60e5210c28c0a825009ca329b9 The OpenSSF Package Analysis project identified 'coinbase-api-client' @ 999.9.9 npm as malicious. It is considered malicious because: - The...
Malicious code in bookingcom-api-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ab2ea2b7b235a47a2460539376dab8e2ab9b4021eaec754934cc11c7e2636672 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-396 Malicious code in bookingcom-api-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ab2ea2b7b235a47a2460539376dab8e2ab9b4021eaec754934cc11c7e2636672 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in amazon-api-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6d636dd276d6d15fd9f9e581c52e6eeb5544ee37a69159d195dfd60454c8a42f The OpenSSF Package Analysis project identified 'amazon-api-client' @ 999.9.9 npm as malicious. It is considered malicious because: - The packag...
MAL-2025-370 Malicious code in amazon-api-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6d636dd276d6d15fd9f9e581c52e6eeb5544ee37a69159d195dfd60454c8a42f The OpenSSF Package Analysis project identified 'amazon-api-client' @ 999.9.9 npm as malicious. It is considered malicious because: - The packag...
Malicious code in airbnb-api-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 5dbe417775cdf936de0b309b6f15596072d0e6111399a3f24d499f98f0fde022 The OpenSSF Package Analysis project identified 'airbnb-api-client' @ 999.9.9 npm as malicious. It is considered malicious because: - The packag...
MAL-2025-356 Malicious code in airbnb-api-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 5dbe417775cdf936de0b309b6f15596072d0e6111399a3f24d499f98f0fde022 The OpenSSF Package Analysis project identified 'airbnb-api-client' @ 999.9.9 npm as malicious. It is considered malicious because: - The packag...
Malicious code in 32red-api-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ea3623ead06a5bd298fe1d4801b7c71c6729b130919b4eaf32b6f6ff94a7c1a2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11862 Malicious code in 32red-api-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ea3623ead06a5bd298fe1d4801b7c71c6729b130919b4eaf32b6f6ff94a7c1a2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in 000webhost-api-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 424a15d33d860d965471f624163b86c21f38af3ad003ddad4fc96749ff992245 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11851 Malicious code in 000webhost-api-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 424a15d33d860d965471f624163b86c21f38af3ad003ddad4fc96749ff992245 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
GHSA-GHJW-32XW-FFWR Argo Workflows Controller: Denial of Service via malicious daemon Workflows
Summary Due to a race condition in a global variable, the argo workflows controller can be made to crash on-command by any user with access to execute a workflow. This was resolved by https://github.com/argoproj/argo-workflows/pull/13641 Details These two lines introduce a data race in the...
Malicious code in @daimler-rcms/api-client (npm)
--- -= Per source details. Do not edit below this line.=-...