protobufjs-mod (=6.8.2) potentially affected by CVE-2026-44294 via @protobufjs/codegen (=2.0.4)

@protobufjs/codegen NPM version =2.0.4 is affected by a known vulnerability. The following packages have a transitive dependency on @protobufjs/codegen and may be impacted: - protobufjs-mod =6.8.2 Source cves: CVE-2026-44294 Source advisory: SNYK:JS-PROTOBUFJSCODEGEN-16643292...

GHSA-JX2W-VP7F-456Q quarkus-openapi-generator extension has Zip Slip Path Traversal in ApicurioCodegenWrapper class

Summary A path traversal vulnerability was discovered in the quarkus-openapi-generator extension Details The unzip method in ApicurioCodegenWrapper.java extracts ZIP entries without validating that the resolved file path stays within the intended output directory. At line 101, the destination is...

CVE-2023-31146

Vyper is a Pythonic smart contract language for the Ethereum virtual machine. Prior to version 0.3.8, during codegen, the length word of a dynarray is written before the data, which can result in out-of-bounds array access in the case where the dynarray is on both the lhs and rhs of an assignment...

EUVD-2021-0688

Malware in sbrugna...

HugoMario swagger-codegen 安全漏洞

HugoMario swagger-codegen is an application from HugoMario. It is used to automatically generate API client libraries generate SDKs, server stubs and documentation given an OpenAPI Spec. A security vulnerability exists in swagger-codegen, which can be exploited by an attacker to append the conten...