3 matches found
Malicious code in ember-url-hash-polyfill (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 99682882eef0dff783a52f47c796529499a9d50c3d9a439d5450d7aa48423351 Any computer that has this package installed or running should be considered fully compromised. All...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...
@crowdstrike/ember-oss-docs (>=1.0.1 <=1.1.8) potentially affected by unknown CVE via ember-url-hash-polyfill (=1.0.11)
ember-url-hash-polyfill NPM version =1.0.11 is affected by a known vulnerability. The following packages have a transitive dependency on ember-url-hash-polyfill and may be impacted: - @crowdstrike/ember-oss-docs =1.0.1, =1.1.8 Source cves: unknown CVE Source advisory:...