328 matches found
MAL-2026-3412 Malicious code in post-purchase-bundler (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a33aa69ef958573a786f3db208d8ee335829e14009d1fdafecbc842ed493b8b The package post-purchase-bundler was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in post-purchase-bundler (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a33aa69ef958573a786f3db208d8ee335829e14009d1fdafecbc842ed493b8b The package post-purchase-bundler was found to contain malicious code. Source: ossf-package-analysis...
SUSE SLED15 / SLES15 Security Update : rubygem-bundler (SUSE-SU-2026:1355-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1355-1 advisory. Updated to version 2.2.34. - CVE-2020-36327: Bundler chooses a dependency source based on the highest gem...
Security update for rubygem-bundler
This update for rubygem-bundler fixes the following issues: Updated to version 2.2.34. CVE-2020-36327: Bundler chooses a dependency source based on the highest gem version number, which means that a rogue gem found at a public source may be chosen bsc1185842 CVE-2021-43809: rubygem-bundler: remot...
SUSE-SU-2026:1355-1 Security update for rubygem-bundler
This update for rubygem-bundler fixes the following issues: Updated to version 2.2.34. - CVE-2020-36327: Bundler chooses a dependency source based on the highest gem version number, which means that a rogue gem found at a public source may be chosen bsc1185842 - CVE-2021-43809: rubygem-bundler:...
Malicious Package
Overview jsonify-bundler is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2026-1935 Malicious code in jsonify-bundler (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0aa4b4269de8cd80d5dcc7106a78d477d668896627219a2f6e2199aef68f196f The package jsonify-bundler was found to contain malicious code. Source: ghsa-malware ce66e88fca5eb80c0c46cbfc975ac7fae97a50a6e0c7365cee57762e9a06b99...
Malicious code in jsonify-bundler (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0aa4b4269de8cd80d5dcc7106a78d477d668896627219a2f6e2199aef68f196f The package jsonify-bundler was found to contain malicious code. Source: ghsa-malware ce66e88fca5eb80c0c46cbfc975ac7fae97a50a6e0c7365cee57762e9a06b99...
MAL-2026-1336 Malicious code in tailwindcss-forms-bundler (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4539095c0f138c7afdd678f16ce6331acda209486c0e8ebe9f156da96b5de11a The package tailwindcss-forms-bundler was found to contain malicious code. Source: ghsa-malware...
Malicious Package
Overview tailwindcss-forms-bundler is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
Malicious code in tailwindcss-forms-bundler (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4539095c0f138c7afdd678f16ce6331acda209486c0e8ebe9f156da96b5de11a The package tailwindcss-forms-bundler was found to contain malicious code. Source: ghsa-malware...
Malicious Package
Overview tailwindcss-form-bundler is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
MAL-2026-1209 Malicious code in tailwindcss-form-bundler (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a2a9c57883700b802e8a250afb6d3e95ef2ea31ab9a699b1bf339a9843fe430 The package tailwindcss-form-bundler was found to contain malicious code. Source: ghsa-malware...
Malicious code in tailwindcss-form-bundler (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a2a9c57883700b802e8a250afb6d3e95ef2ea31ab9a699b1bf339a9843fe430 The package tailwindcss-form-bundler was found to contain malicious code. Source: ghsa-malware...
Malicious Package
Overview tailwindcss-fonts-bundler is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
MAL-2026-1208 Malicious code in tailwindcss-fonts-bundler (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 111ae70ed7d5ecb92401f00f8d9309b7cc99749c16a3ffab3b448b02b8224037 The package tailwindcss-fonts-bundler was found to contain malicious code. Source: ghsa-malware...
Malicious code in tailwindcss-fonts-bundler (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 111ae70ed7d5ecb92401f00f8d9309b7cc99749c16a3ffab3b448b02b8224037 The package tailwindcss-fonts-bundler was found to contain malicious code. Source: ghsa-malware...
Linux Distros Unpatched Vulnerability : CVE-2026-27606
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rollup is a module bundler for JavaScript. Versions prior to 2.80.0, 3.30.0, and 4.59.0 of the Rollup module bundler specifically v4.x and present in current...
UBUNTU-CVE-2026-27606
Rollup is a module bundler for JavaScript. Versions prior to 2.80.0, 3.30.0, and 4.59.0 of the Rollup module bundler specifically v4.x and present in current source is vulnerable to an Arbitrary File Write via Path Traversal. Insecure file name sanitization in the core engine allows an attacker t...
MiracleLinux 8 : ruby:2.6 (AXSA:2021-2402:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2402:01 advisory. rubygem-bundler: Insecure permissions on directory in /tmp/ allows for execution of malicious code CVE-2019-3881 ruby: NUL injection vulnerability o...