EUVD-2025-202373

Malicious code in wasm-bindgen npm...

Malicious Package

Overview wasm-bindgen is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

MAL-2025-192419 Malicious code in wasm-bindgen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b3b2a3d6aa85e6e53ccd0463891b26156f77f3b75134166dbc68c14ec2c6bd2 The package wasm-bindgen was found to contain malicious code. Source: ghsa-malware a1de8824d178cfc9806b7413eeb3661781e7e278f0b877117bddb857bddb592b A...

openSUSE Security Advisory (SUSE-SU-2025:4091-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE 15 Security Update : cargo-packaging, rust-bindgen (SUSE-SU-2025:4091-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:4091-1 advisory. cargo-packaging was updated to version 1.3.0+0: - CVE-2025-58160: Fixed tracing log pollution in tracing-subscriber bsc1249012 Other fixes: - Prevent strippi...

SUSE-SU-2025:4091-1 Security update for cargo-packaging, rust-bindgen

This update for cargo-packaging and rust-bindgen fixes the following issues: cargo-packaging was updated to version 1.3.0+0: - CVE-2025-58160: Fixed tracing log pollution in tracing-subscriber bsc1249012 Other fixes: - Prevent stripping debug info bsc1222175 rust-bindgen was updated to 0.72.0...

candid-extractor (>=0.1.0 <=0.1.2), debug-engine (>=0.1.0 <=0.1.1) +69 more potentially affected by unknown CVE via wasmtime-jit-debug (>=0.35.0 <=1.0.2)

wasmtime-jit-debug CARGO version =0.35.0, =0.1.0, =0.1.0, =0.1.3, =0.4.0, =0.4.0, =0.5.0, =0.0.1-alpha, =0.0.6, =0.11.0, =0.9.0, =0.9.0, =0.9.0, =0.10.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-9GHP-W2HM-VFPF...

wasm-bindgen-0.2.97~0-3.1 on GA media (moderate)

wasm-bindgen-0.2.970-3.1 on GA media Announcement ID: openSUSE-SU-2025:15065-1 Rating: moderate Cross-References: CVE-2025-3416 CVSS scores: CVE-2025-3416 SUSE : 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2025-3416 SUSE : 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA...

OPENSUSE-SU-2025:15065-1 wasm-bindgen-0.2.97~0-3.1 on GA media

These are all security issues fixed in the wasm-bindgen-0.2.970-3.1 package on the GA media of openSUSE Tumbleweed...

openSUSE 15 Security Update : chromium, gn, rust-bindgen (openSUSE-SU-2024:0254-2)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0254-2 advisory. - Chromium 127.0.6533.119 boo1228941 CVE-2024-7532: Out of bounds memory access in ANGLE CVE-2024-7533: Use after free in Sharing CVE-2024-7550:...

Security update for chromium, gn, rust-bindgen (important)

openSUSE Security Update: Security update for chromium, gn, rust-bindgen Announcement ID: openSUSE-SU-2024:0254-2 Rating: important References: 1228628 1228940 1228941 1228942 Cross-References: CVE-2024-6988 CVE-2024-6989 CVE-2024-6990 CVE-2024-6991 CVE-2024-6992 CVE-2024-6993 CVE-2024-6994...

OPENSUSE-SU-2024:0254-2 Security update for chromium, gn, rust-bindgen

This update for chromium, gn, rust-bindgen fixes the following issues: - Chromium 127.0.6533.119 boo1228941 CVE-2024-7532: Out of bounds memory access in ANGLE CVE-2024-7533: Use after free in Sharing CVE-2024-7550: Type Confusion in V8 CVE-2024-7534: Heap buffer overflow in Layout CVE-2024-7535:...

Fedora: Security Advisory for rust-bindgen-cli (FEDORA-2024-40ee18b2e7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 39 Update: rust-bindgen-cli-0.69.4-2.fc39

Automatically generates Rust FFI bindings to C and C++ libraries...

Fedora: Security Advisory for rust-bindgen-cli (FEDORA-2024-ce2936b568)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: rust-bindgen-cli-0.69.4-2.fc40

Automatically generates Rust FFI bindings to C and C++ libraries...

ardaku (=0.1.0), argon (=0.1.0) +11 more potentially affected by CVE-2024-28123 via wasmi (>=0.19.0 <=0.30.0)

wasmi CARGO version =0.19.0, =0.4.0, =0.2.3, =0.2.3, =0.2.3, =0.1.0, =0.30.0 - wright =0.7.0 Source cves: CVE-2024-28123 Source advisory: OSV:GHSA-75JP-VQ8X-H4CQ...

Fedora: Security Advisory for rust-kvm-bindings (FEDORA-2024-f2305d485f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 39 Update: rust-kvm-bindings-0.7.0-1.fc39

Rust FFI bindings to KVM generated using bindgen...

Malicious Package

Overview wasm-bindgen is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...