14 matches found
EUVD-2022-1115
Malicious code in bioql PyPI...
Malicious code in atlaskit-registry (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5a82f51289bb90a9a96816fcf188b81cd24166b48cac9cc66d28af7e68e1acc1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3723 Malicious code in atlaskit-registry (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5a82f51289bb90a9a96816fcf188b81cd24166b48cac9cc66d28af7e68e1acc1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-2645 Malicious code in atlaskit (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 53c2e76bf702d1effe3dbdd769b8d5be4ab4cf0d86dae87ff1aeb9b94e4c6f24 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in atlaskit (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 53c2e76bf702d1effe3dbdd769b8d5be4ab4cf0d86dae87ff1aeb9b94e4c6f24 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
@atlaskit/editor-plugin-media-editing (>=0.1.0 <=1.2.1) potentially affected by unknown CVE via react-intl-next (=0.0.1-security)
react-intl-next NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on react-intl-next and may be impacted: - @atlaskit/editor-plugin-media-editing =0.1.0, =1.2.1 Source cves: unknown CVE Source advisory: OSV:MAL-2022-5650...
Cross-site scripting in @atlaskit/editor-core
The hyperlinks functionality in atlaskit/editor-core in before version 113.1.5 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting XSS vulnerability in link targets...
GHSA-P5CH-W78F-XH44 Cross-site scripting in @atlaskit/editor-core
The hyperlinks functionality in atlaskit/editor-core in before version 113.1.5 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting XSS vulnerability in link targets...
Cross-Site Scripting (XSS)
@atlaskit/editor-core is vulnerable to cross-site scripting XSS. A remote attacker is able to inject and execute arbitrary Javascript in a user's browser via the link targets...
CVE-2019-20903
The hyperlinks functionality in atlaskit/editor-core in before version 113.1.5 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting XSS vulnerability in link targets...
CVE-2019-20903
The hyperlinks functionality in atlaskit/editor-core in before version 113.1.5 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting XSS vulnerability in link targets...
Cross site scripting
The hyperlinks functionality in atlaskit/editor-core in before version 113.1.5 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting XSS vulnerability in link targets...
CVE-2019-20903
The hyperlinks functionality in atlaskit/editor-core in before version 113.1.5 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting XSS vulnerability in link targets...
@accoio/react-pdf-highlighter (>=2.0.0 <=2.0.1), @activelylearn/react-pdf (>=2.5.0 <=2.5.2) +118 more potentially affected by CVE-2018-5158 via pdfjs-dist (>=2.0.104 <=2.0.550)
pdfjs-dist NPM version =2.0.104, =2.0.0, =2.5.0, =1.0.32, =1.2.0, =1.0.9, =15.0.0, =6.0.0, =39.0.0, =7.0.0, =110.0.0, =7.0.0, =6.0.0, =3.0.6, =8.0.0, =9.0.0, =9.11.13 and more Source cves: CVE-2018-5158 Source advisory: SNYK:JS-PDFJSDIST-469200...