Malicious code in n8n-nodes-csv-parse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 011372ed1f40a4259802291679f8db573c8435e904c38e02482b4589d16c60c7 The package n8n-nodes-csv-parse was found to contain malicious code. Source: ghsa-malware...

MAL-2026-1467 Malicious code in n8n-nodes-csv-parse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 011372ed1f40a4259802291679f8db573c8435e904c38e02482b4589d16c60c7 The package n8n-nodes-csv-parse was found to contain malicious code. Source: ghsa-malware...

Malicious Package

Overview n8n-nodes-csv-parse is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

@collegedunia/newman-mocha (>=0.0.1 <=0.1.1), @dineshparne/postman-cli (>=1.0.0 <=1.0.5) +24 more potentially affected by unknown CVE via @postman/csv-parse (=4.0.2)

@postman/csv-parse NPM version =4.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on @postman/csv-parse and may be impacted: - @collegedunia/newman-mocha =0.0.1, =1.0.0, =1.0.0, =0.0.2, =1.1.1-beta.1, =1.0.34, =4.5.5, =1.0.0, =1.0.0, =1.0.2, =1.0.0,...

Malicious code in @postman/csv-parse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6072df393f967e34b9e50f3c9843f4716a7e65e30aff5648c7f003cb37c38e01 The package @postman/csv-parse was found to contain malicious code. Source: ghsa-malware...

@collegedunia/newman-mocha (>=0.0.1 <=0.1.1), @dineshparne/postman-cli (>=1.0.0 <=1.0.5) +24 more potentially affected by unknown CVE via @postman/csv-parse (=4.0.2)

@postman/csv-parse NPM version =4.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on @postman/csv-parse and may be impacted: - @collegedunia/newman-mocha =0.0.1, =1.0.0, =1.0.0, =0.0.2, =1.1.1-beta.1, =1.0.34, =4.5.5, =1.0.0, =1.0.0, =1.0.2, =1.0.0,...

MAL-2025-190646 Malicious code in @postman/csv-parse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6072df393f967e34b9e50f3c9843f4716a7e65e30aff5648c7f003cb37c38e01 The package @postman/csv-parse was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-198633

Malicious code in @postman/csv-parse npm...

EUVD-2019-0686

Malware in sbrugna...

Security Bulletin: A security vulnerability in Node.js csv-parse module affects IBM Cloud Pak for Multicloud Management Infrastructure Management.

Summary A security vulnerability in Node.js csv-parse module affects IBM Cloud Pak for Multicloud Management Infrastructure Management. Vulnerability Details CVEID: CVE-2019-17592 DESCRIPTION: Node.js csv-parse module is vulnerable to a denial of service, caused by a malformed regular expression...

@here/cli (>=1.5.0 <=1.6.1), @node-amazon/mws (>=0.0.2 <=0.0.3) +10 more potentially affected by CVE-2020-26256 via @fast-csv/parse (>=4.1.4 <=4.3.3)

@fast-csv/parse NPM version =4.1.4, =1.5.0, =0.0.2, =2.1.0, =1.0.0, =1.2.127, =1.2.135, =1.2.111, =6.42.0, =4.1.4, =0.0.1, =0.0.6 Source cves: CVE-2020-26256 Source advisory: OSV:GHSA-8CV5-P934-3HWP...

CVE-2019-17592

The csv-parse module before 4.4.6 for Node.js is vulnerable to Regular Expression Denial of Service. The isInt function contains a malformed regular expression that processes large crafted input very slowly. This is triggered when using the cast option...

GHSA-582F-P4PG-XC74 Regular Expression Denial of Service in csv-parse

Versions of csv-parse prior to 4.4.6 are vulnerable to Regular Expression Denial of Service. The isInt function contains a malformed regular expression that processes large specially-crafted input very slowly, leading to a Denial of Service. This is triggered when using the cast option...

0z_export (>=1.0.0 <=1.0.102), 1broker-positions-analyser (>=1.0.0 <=1.2.1) +5155 more potentially affected by CVE-2019-17592 via csv-parse (>=0.0.2 <=4.4.5)

csv-parse NPM version =0.0.2, =1.0.0, =1.0.0, =0.0.1, =1.0.0, =0.1.0, =4.2.0, =1.0.0, =7.2.1, =1.0.0, =1.0.0, =0.1.0, =0.0.1, =0.0.3 and more Source cves: CVE-2019-17592 Source advisory: OSV:GHSA-582F-P4PG-XC74...

Regular Expression Denial of Service in csv-parse

Versions of csv-parse prior to 4.4.6 are vulnerable to Regular Expression Denial of Service. The isInt function contains a malformed regular expression that processes large specially-crafted input very slowly, leading to a Denial of Service. This is triggered when using the cast option...

CVE-2019-17592

The csv-parse module before 4.4.6 for Node.js is vulnerable to Regular Expression Denial of Service. The isInt function contains a malformed regular expression that processes large crafted input very slowly. This is triggered when using the cast option...

CVE-2019-17592

The csv-parse module before 4.4.6 for Node.js is vulnerable to Regular Expression Denial of Service. The isInt function contains a malformed regular expression that processes large crafted input very slowly. This is triggered when using the cast option...

Design/Logic Flaw

The csv-parse module before 4.4.6 for Node.js is vulnerable to Regular Expression Denial of Service. The isInt function contains a malformed regular expression that processes large crafted input very slowly. This is triggered when using the cast option...

CVE-2019-17592

CVE-2019-17592 affects Node.js csv-parse prior to 4.4.6, where a malformed regular expression in the __isInt() function under the cast option enables a Denial of Service with crafted input. The vulnerability is tied to the csv-parse module, with CVSS v3.1 base score 7.5 (high) and CVSS v2 base sc...

CVE-2019-17592

The csv-parse module before 4.4.6 for Node.js is vulnerable to Regular Expression Denial of Service. The isInt function contains a malformed regular expression that processes large crafted input very slowly. This is triggered when using the cast option...