MAL-2025-14744 Malicious code in appversion-generator (npm)

The package appversion-generator was found to contain malicious code...

Malicious code in appversion-generator (npm)

The package appversion-generator was found to contain malicious code...

Malicious code in @ag2rlamondiale/appversion-generator (npm)

The package @ag2rlamondiale/appversion-generator was found to contain malicious code...

MAL-2025-7047 Malicious code in @ag2rlamondiale/appversion-generator (npm)

The package @ag2rlamondiale/appversion-generator was found to contain malicious code...

CVE-2024-52799

Argo Workflows Chart (Helm) prior to 0.44.0 has a vulnerable workflow-role with excessive privileges, including create pods/exec, enabling kubectl exec into any Pod in the same namespace and potentially arbitrary code execution if a user runs a malicious template. Affected charts are those using ...

@saithodev/ts-appversion (>=1.3.0 <=2.1.2), ng-appversion (=1.3.0) +1 more potentially affected by CVE-2023-26134 via git-commit-info (=1.1.0)

git-commit-info NPM version =1.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on git-commit-info and may be impacted: - @saithodev/ts-appversion =1.3.0, =1.0.0, =2.0.3 Source cves: CVE-2023-26134 Source advisory: OSV:GHSA-H42J-MRMP-9369...

CVE-2022-25188

Jenkins Fortify Plugin 20.2.34 and earlier does not sanitize the appName and appVersion parameters of its Pipeline steps, allowing attackers with Item/Configure permission to write or overwrite .xml files on the Jenkins controller file system with content not controllable by the attacker...

CVE-2022-25188

Jenkins Fortify Plugin 20.2.34 and earlier does not sanitize the appName and appVersion parameters of its Pipeline steps, allowing attackers with Item/Configure permission to write or overwrite .xml files on the Jenkins controller file system with content not controllable by the attacker...