7 matches found
CLEANSTART-2026-BM78291 Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU
Multiple security vulnerabilities affect the dex package. Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU. See references for individual vulnerability details...
CLEANSTART-2026-SY48547 Security fixes for CVE-2026-25680, CVE-2026-25681, CVE-2026-27140, CVE-2026-27143, CVE-2026-27144, CVE-2026-27145, CVE-2026-29181, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32288, CVE-2026-32289, CVE-2026-32952, CVE-2026-33186, CVE-2026-33487, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-34986, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39821, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39834, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501, CVE-2026-42504, CVE-2026-42507, CVE-2026-42508, CVE-2026-46595, ghsa-78h2-9frx-2jm8, ghsa-mh2q-q3fh-2475, ghsa-pjcq-xvwq-hhpj applied in versions: 2.45.1-r0, 2.45.1-r1, 2.45.1-r2, 2.45.1-r3, 2.45.1-r4
Multiple security vulnerabilities affect the dex package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-IN26303 Security fixes for CVE-2026-25680, CVE-2026-25681, CVE-2026-26958, CVE-2026-27145, CVE-2026-29181, CVE-2026-32952, CVE-2026-33186, CVE-2026-33487, CVE-2026-33810, CVE-2026-33814, CVE-2026-34986, CVE-2026-39821, CVE-2026-39834, CVE-2026-42504, CVE-2026-42507, CVE-2026-42508, CVE-2026-46595, ghsa-78h2-9frx-2jm8 applied in versions: 2.44.0-r0, 2.44.0-r1, 2.44.0-r2, 2.44.0-r3, 2.44.0-r4
Multiple security vulnerabilities affect the dex package. These issues are resolved in later releases. See references for individual vulnerability details...
Malicious Package
Overview chai-dex is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
EUVD-2026-3750
Malicious code in chai-dex npm...
Malicious code in okx-dex (npm)
The package communicates with a domain associated with malicious activity...
MAL-2025-6111 Malicious code in okx-dex (npm)
The package communicates with a domain associated with malicious activity...