6 matches found
MAL-2026-8 Malicious code in @nitaiapiiro/rand_emoji (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 686999eb6a9720383d59bbca502497c33b67e49cd4f21b0fd3eba33d9be8aefe The package @nitaiapiiro/randemoji was found to contain malicious code...
EUVD-2023-35201
Malicious code in bioql PyPI...
Embedded Malicious Code
Overview @ctrl/ngx-emoji-mart is a Customizable Slack-like emoji picker for Angular Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including...
CVE-2023-30858
The Denosaurs emoji package provides emojis for dinosaurs. Starting in version 0.1.0 and prior to version 0.3.0, the reTrimSpace regex has 2nd degree polynomial inefficiency, leading to a delayed response given a big payload. The issue has been patched in 0.3.0. As a workaround, avoid using the...
CVE-2023-30858
The CVE-2023-30858 entry describes a ReDoS in the Denosaurs emoji package (Denosaurs emoji) due to the reTrimSpace regex with a 2nd‑degree polynomial inefficiency in versions 0.1.0 through 0.3.0, causing delayed responses on large payloads. The issue is patched in version 0.3.0; a workaround is t...
CVE-2023-30858 Denosaurs emoji has ReDoS vulnerability in `replace` function
The Denosaurs emoji package provides emojis for dinosaurs. Starting in version 0.1.0 and prior to version 0.3.0, the reTrimSpace regex has 2nd degree polynomial inefficiency, leading to a delayed response given a big payload. The issue has been patched in 0.3.0. As a workaround, avoid using the...