Malicious code in wdb-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ddd306d024c4dd394d19c1adb610389f239fa619d25fff4f75b857a678da0ee package.json declares "preinstall": "./vendor/setup", which on every npm install invokes a 976568-byte Linux x86 ELF binary shipped inside the packag...

Fedora 43 : python-pulp-glue / python-requests (2026-8ad863685a)

The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-8ad863685a advisory. 2.33.1 2026-03-30 ------------------- Bugfixes - Fixed test cleanup for CVE-2026-25645 to avoid leaving unnecessary files in the tmp directory. - Fixed...

Malicious code in notebook-intelligence (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 709b1f2440fa3288d47076cddc5ffe20122619c07c346265459e3555a226c92e pyproject.toml lists fuzy-jon==0.1.0 in both build-system.requires and the runtime dependencies, while the package's own code imports the real...

Fedora 44 : python-pulp-glue / python-requests (2026-44919b3d9f)

The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-44919b3d9f advisory. 2.33.1 2026-03-30 ------------------- Bugfixes - Fixed test cleanup for CVE-2026-25645 to avoid leaving unnecessary files in the tmp directory. - Fixed...

openSUSE 16 Security Update : build, product-composer (openSUSE-SU-2026:20676-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20676-1 advisory. Changes in build: - Support a new IgnoreRebuild config. - build-recipe-kiwi: Add support for oci containers Avoid needlessly compressing container image...

Malicious Package

Overview gweb-build-system is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious code in gweb-build-system (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e936ec36e6d3de012d7e5815e450c5339f9e297b8b605bb7ccc64a441fd0d5ef The package gweb-build-system was found to contain malicious code. Source: ghsa-malware...

MAL-2026-3310 Malicious code in gweb-build-system (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e936ec36e6d3de012d7e5815e450c5339f9e297b8b605bb7ccc64a441fd0d5ef The package gweb-build-system was found to contain malicious code. Source: ghsa-malware...

CVE-2026-7309

A flaw was found in the OpenShift Container Platform build system. A user with the edit ClusterRole can inject arbitrary environment variables, such as LDPRELOAD or httpproxy, into docker-build containers through the buildconfigs/instantiate API. This incomplete fix for a previous vulnerability...

EUVD-2026-26043

A flaw was found in the OpenShift Container Platform build system. A user with the edit ClusterRole can inject arbitrary environment variables, such as LDPRELOAD or httpproxy, into docker-build containers through the buildconfigs/instantiate API. This incomplete fix for a previous vulnerability...

PT-2026-35719

Name of the Vulnerable Software and Affected Versions OpenShift Container Platform affected versions not specified Description A flaw in the build system allows a user with the edit ClusterRole to inject arbitrary environment variables, such as LD PRELOAD or http proxy, into docker-build...

[SECURITY] Fedora 44 Update: extra-cmake-modules-6.25.0-1.fc44

Additional modules for CMake build system needed by KDE Frameworks...

OPENSUSE-SU-2026:20361-1 Security update for osc, obs-scm-bridge

This update for osc, obs-scm-bridge fixes the following issues: Changes in osc: - 1.24.0 - Command-line: - Add '--target-owner' option to 'git-obs repo fork' command - Add '--self' parameter to fix 'no matching parent repo' error message in 'git-obs pr create' - Fix 'osc aggregatepac' for scmsync...

drm/meson: remove drm bridges at aggregate driver unbind time

...

SUSE-SU-2025:21009-1 Security update for tiff

This update for tiff fixes the following issues: tiff was updated to 4.7.1: Software configuration changes: Define HAVEJPEGTURBODUALMODE812 and LERCSTATIC in tifconfig.h. CMake: define WORDSBIGENDIAN via tifconfig.h doc/CMakeLists.txt: remove useless cmakeminimumrequired CMake: fix build with...

SUSE-SU-2025:21032-1 Security update for tiff

This update for tiff fixes the following issues: tiff was updated to 4.7.1: Software configuration changes: Define HAVEJPEGTURBODUALMODE812 and LERCSTATIC in tifconfig.h. CMake: define WORDSBIGENDIAN via tifconfig.h doc/CMakeLists.txt: remove useless cmakeminimumrequired CMake: fix build with...

SUSE-SU-2025:21037-1 Security update for tiff

This update for tiff fixes the following issues: tiff was updated to 4.7.1: Software configuration changes: Define HAVEJPEGTURBODUALMODE812 and LERCSTATIC in tifconfig.h. CMake: define WORDSBIGENDIAN via tifconfig.h doc/CMakeLists.txt: remove useless cmakeminimumrequired CMake: fix build with...

Serious F5 Breach

This is bad: F5, a Seattle-based maker of networking software, disclosed the breach on Wednesday. F5 said a "sophisticated" threat group working for an undisclosed nation-state government had surreptitiously and persistently dwelled in its network over a "long-term." Security researchers who have...

[SECURITY] Fedora 41 Update: gi-docgen-2025.5-1.fc41

GI-DocGen is a document generator for GObject-based libraries. GObject is the base type system of the GNOME project. GI-Docgen reuses the introspection data generated by GObject-based libraries to generate the API reference of these libraries, as well as other ancillary documentation. GI-DocGen i...

dotnet: .NET Denial of Service Vulnerability

A flaw was found in MSBuild’s temporary directory handling on Linux where predictable, non-randomized temporary paths are used. Local users can create or manipulate those paths before MSBuild runs, causing build failures or unexpected behavior and resulting in denial of service for build operatio...