13 matches found
Malicious code in cfa-react-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis aac7ddc598f480a5c87bd28d65a6fc762b5c9ce46b72934eabe3760b49f11a36 The OpenSSF Package Analysis project identified 'cfa-react-components' @ 2.8.8 npm as malicious. It is considered malicious because: - The packa...
MAL-2025-2293 Malicious code in cfa-react-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis aac7ddc598f480a5c87bd28d65a6fc762b5c9ce46b72934eabe3760b49f11a36 The OpenSSF Package Analysis project identified 'cfa-react-components' @ 2.8.8 npm as malicious. It is considered malicious because: - The packa...
Malicious code in pwi-cfa-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2d39aaa33ecd66d4aac0437e45aa6a1cddcc74bb7ed416f6b33c3a7151cbc035 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-1644 Malicious code in pwi-cfa-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2d39aaa33ecd66d4aac0437e45aa6a1cddcc74bb7ed416f6b33c3a7151cbc035 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-167 Malicious code in cfa-styleguide (npm)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 5562a6cb1d5f239216be52c28e8d316e8ffe0f490d11978863202a6fcfcbe8bc Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ghsa-malware...
Malicious code in cfa-styleguide (npm)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 5562a6cb1d5f239216be52c28e8d316e8ffe0f490d11978863202a6fcfcbe8bc Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ghsa-malware...
azkm (>=0.1.0 <=0.2.71), azure-knowledgemining-cli (=0.1.0) +3 more potentially affected by CVE-2022-39327 via azure-cli (>=2.0.76 <=2.29.2)
azure-cli PYPI version =2.0.76, =0.1.0, =0.3.1, =0.1.10, =1.0.19 Source cves: CVE-2022-39327 Source advisory: OSV:PYSEC-2022-43177...
com.bmc.ims:bmc-cfa (=198.vfe106798d1a6), com.btc.ep:btc-embeddedplatform (>=1.9.2-beta <=2.5.9) +156 more potentially affected by CVE-2022-43409 via org.jenkins-ci.plugins.workflow:workflow-support (>=0.1-beta-1 <=819.v37d707a_71d9b_)
org.jenkins-ci.plugins.workflow:workflow-support MAVEN version =0.1-beta-1, =1.9.2-beta, =0.0.1, =8.0.12, =0.8, =1.0.14, =1.0, =1.3.0, =320.v5a0933ae7d61, =1.0, =1.0, =0.9.0, =1.0, =1.20 and more Source cves: CVE-2022-43409 Source advisory: OSV:GHSA-64R9-X74Q-WXMH...
OSV-2022-525 Heap-buffer-overflow in spvtools::CFA<spvtools::val::BasicBlock>::CalculateDominators
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=48553 Crash type: Heap-buffer-overflow READ 8 Crash state: spvtools::CFA::CalculateDominators spvtools::val::PerformCfgChecks spvtools::val::ValidateBinaryUsingContextAndValidationState...
cfa-mfr-stgillescroixdevie.fr Improper Access Control vulnerability
Open Bug Bounty ID: OBB-635154

Description | Value
---|---
Affected Website: | cfa-mfr-stgillescroixdevie.fr
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Other
Vulnerability Type: | IAC Improper Access Control / CWE-284
CVSSv3 Score: | 6.5...
sei.cfa.org.br XSS vulnerability
Open Bug Bounty ID: OBB-632441

Description | Value
---|---
Affected Website: | sei.cfa.org.br
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1...
Fedora 27 : LibRaw (2017-f04296e37e)
Patch for CVE-2017-14348 ---- Fix for possible heap overrun in Canon makernotes parser Fix for CVE-2017-13735 CVE-2017-14265: Additional check for X-Trans CFA pattern data ---- LibRaw 0.18.3 Fix for CVE-2017-13735 Additional checks for X-Trans CFA pattern data ---- Patch for CVE-2017-13735. Note...
Fedora 26 : LibRaw (2017-80c4677540)
Fix for possible heap overrun in Canon makernotes parser Fix for CVE-2017-13735 CVE-2017-14265: Additional check for X-Trans CFA pattern data ---- LibRaw 0.18.3 Fix for CVE-2017-13735 Additional checks for X-Trans CFA pattern data ---- Patch for CVE-2017-13735. Note that Tenable Network Security...