MAL-2025-14525 Malicious code in angular-cli-library-builder (npm)

The package angular-cli-library-builder was found to contain malicious code...

MAL-2025-21271 Malicious code in generator-angular-cli-library (npm)

The package generator-angular-cli-library was found to contain malicious code...

@aofl/cli (>=2.1.0-3.0.0-alpha.0 <=4.0.0-alpha.45), @aofl/cli-lib (>=3.0.0-alpha.3 <=3.0.0-beta.37) +5 more potentially affected by CVE-2024-38987 via @aofl/cli-lib (>=2.1.0-3.0.0-alpha.0 <=4.0.0-alpha.45)

@aofl/cli-lib NPM version =2.1.0-3.0.0-alpha.0, =2.1.0-3.0.0-alpha.0, =3.0.0-alpha.3, =4.0.0-alpha.22, =3.0.0, =3.5.0, =3.0.0-alpha.6, =3.4.1-beta.0, =4.0.0-alpha.45 Source cves: CVE-2024-38987 Source advisory: OSV:GHSA-VG6V-JCG3-5MP7...

CVE-2024-38987

aofl cli-lib v3.14.0 was discovered to contain a prototype pollution via the component defaultsDeep. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

[SECURITY] Fedora 40 Update: apache-commons-cli-1.6.0-5.fc40

The CLI library provides a simple and easy to use API for working with the command line arguments and options...