Lucene search
K

7 matches found

OSV
OSV
added 2026/06/01 12:0 a.m.8 views

MAL-2026-5135 Malicious code in @redhat-cloud-services/frontend-components-advisor-components (npm)

Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...

5.9AI score
Exploits0References1
Snyk
Snyk
added 2026/05/31 9:0 p.m.7 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code linked to the "Miasma" supply chain attack targeting the @redhat-cloud-services npm namespace. A malicious actor compromised the publication pipeline and published versions containing malicious code that includes...

9.8CVSS5.8AI score
Exploits0References2
Wolfi
Wolfi
added 2026/04/11 2:51 a.m.9 views

GHSA-5W89-2C2X-6X66 vulnerabilities

Vulnerabilities for packages: kubernetes-csi-external-health-monitor, newrelic-infrastructure-agent, slsa-verifier, kube-fluentd-operator, azure-workload-identity-webhook, lazygit, syft, terraform-provider-kubernetes, capslock, karpenter, mockgen, go-md2man, knative-client, gh,...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/01/10 1:22 a.m.7 views

CVE-2021-3864 vulnerabilities

Vulnerabilities for packages: linux-qemu-melange, linux-qemu, linux-vmware...

7CVSS7.1AI score0.00726EPSS
Exploits1
Chainguard
Chainguard
added 2026/01/10 1:22 a.m.2 views

GHSA-9682-F2FR-3H46 vulnerabilities

Vulnerabilities for packages: linux-qemu-melange, linux-qemu, linux-vmware...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2025/11/21 1:26 a.m.6 views

GHSA-R4VM-3MC7-PRGX vulnerabilities

Vulnerabilities for packages: linux-aws, linux-gcp, linux-azure...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2025/04/17 1:14 p.m.35 views

CVE-2025-22872 vulnerabilities

Vulnerabilities for packages: consul, spiffe-helper-fips, crossplane-provider-azure, aactl, kubernetes-csi-livenessprobe-fips, envoy-gateway, falcosidekick-fips, local-static-provisioner-fips, terraform-provider-pagerduty-fips, spegel, hubble-ui-backend-fips, telegraf, datadog-agent,...

6.5CVSS6.7AI score0.0045EPSS
Exploits0
Rows per page
Query Builder