Malicious code in assert-json-not (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad56c36eacf8881039723de4379e14983280b611dba15585274909b1a3c1b326 The package assert-json-not was found to contain malicious code...

ROS-20251219-7303

A vulnerability in the MongoDB database management system server is related to the use of assert or a similar operator. Exploitation of the vulnerability could allow a remote attacker to affect the availability of protected information...

Malicious Package

Overview assert-json-not is a malicious package. This package contains malicious code associated with a social engineering campaign called "Contagious Interview." The attackers target developers through fake job interviews or coding test assignments that require the installation of this package...

CVE-2025-13507 Time-series operations may cause internal BSON size limit to be exceed

Inconsistent object size validation in time series processing logic may result in later processing of oversized BSON documents leading to an assert failing and process termination. This issue impacts MongoDB Server v7.0 versions prior to 7.0.26, v8.0 versions prior to 8.0.16 and MongoDB server v8...

CVE-2025-13507 Time-series operations may cause internal BSON size limit to be exceed

Inconsistent object size validation in time series processing logic may result in later processing of oversized BSON documents leading to an assert failing and process termination. This issue impacts MongoDB Server v7.0 versions prior to 7.0.26, v8.0 versions prior to 8.0.16 and MongoDB server v8...

EUVD-2025-199533

Inconsistent object size validation in time series processing logic may result in later processing of oversized BSON documents leading to an assert failing and process termination. This issue impacts MongoDB Server v7.0 versions prior to 7.0.26, v8.0 versions prior to 8.0.16 and MongoDB server v8...

MongoDB -- Improper Validation of Specified Quantity in Input

https://jira.mongodb.org/browse/SERVER-108565 reports: Inconsistent object size validation in time series processing logic may result in later processing of oversized BSON documents leading to an assert failing and process termination...

kea security update

An update is available for kea. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list DHCP implementation from Internet Systems Consortium, Inc. that features fully...

EUVD-2025-180206

Malicious code in authorize-omega-earth-abstract-assert npm...

EUVD-2025-179845

Malicious code in catch-byte-decompress-cluster-assert npm...

EUVD-2025-180310

Malicious code in assert-zeta-visualize-data-char npm...

EUVD-2025-180313

Malicious code in assert-alpha-boolean-awk-mock npm...

EUVD-2025-176301

Malicious code in socket-uglify-notify-assert-encrypt npm...

EUVD-2025-178897

Malicious code in finally-stack-error-cold-assert npm...

Malicious code in eta-sed-assert-spy-hash (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aba02fba2294b944dedb22735bc1a124430a994c135af1e2b1361494f868a743 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in function-assert-orchestrate-theta-cloud (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ced639df901c0d1de13cbfbcff06848335dd6fd1617517443157c3e3ee78e72c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-176221

Malicious code in star-permission-parse-assert-small npm...

EUVD-2025-176144

Malicious code in sun-bad-assert-secure-protected npm...

EUVD-2025-176085

Malicious code in table-authorize-authenticate-assert-pi npm...

EUVD-2025-175883

Malicious code in tree-function-kappa-decrypt-assert npm...