14 matches found
Prettier eslint-config-prettier Embedded Malicious Code Vulnerability
Prettier eslint-config-prettier contains an embedded malicious code vulnerability. Installing an affected package executes an install.js file that launches the node-gyp.dll malware on Windows...
EUVD-2025-21972
Malicious code in bioql PyPI...
@rustybrooks/eslint-config-prettier (>=1.0.0 <=1.0.18) potentially affected by unknown CVE via eslint-plugin-airbnb-base (=0.0.1-security)
eslint-plugin-airbnb-base NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on eslint-plugin-airbnb-base and may be impacted: - @rustybrooks/eslint-config-prettier =1.0.0, =1.0.18 Source cves: unknown CVE Source advisory:...
Fake npm Website Used to Push Malware via Stolen Token
Fake npm website used in phishing attack to steal maintainer token, leading to malware in popular JavaScript packages like eslint-config-prettier...
Malicious code in eslint-config-prettier (npm)
This package installs a windows based malware file node-gyp.dll via install.js...
MAL-2025-6022 Malicious code in eslint-config-prettier (npm)
This package installs a windows based malware file node-gyp.dll via install.js...
CVE-2025-54313
A flaw was found in eslint-config-prettier. An affected version contains embedded malicious code that executes an install.js file during package installation. This script launches the node-gyp.dll malware on Windows systems, allowing a remote attacker to execute arbitrary code. Mitigation...
GHSA-F29H-PXVX-F335 eslint-config-prettier, eslint-plugin-prettier, synckit, @pkgr/core, napi-postinstall have embedded malicious code
eslint-config-prettier 8.10.1, 9.1.1, 10.1.6, and 10.1.7 has embedded malicious code for a supply chain compromise. Installing an affected package executes an install.js file that launches the node-gyp.dll malware on Windows...
CVE-2025-54313
eslint-config-prettier 8.10.1, 9.1.1, 10.1.6, and 10.1.7 has embedded malicious code for a supply chain compromise. Installing an affected package executes an install.js file that launches the node-gyp.dll malware on Windows...
CVE-2025-54313
eslint-config-prettier 8.10.1, 9.1.1, 10.1.6, and 10.1.7 has embedded malicious code for a supply chain compromise. Installing an affected package executes an install.js file that launches the node-gyp.dll malware on Windows...
CVE-2025-54313
eslint-config-prettier 8.10.1, 9.1.1, 10.1.6, and 10.1.7 has embedded malicious code for a supply chain compromise. Installing an affected package executes an install.js file that launches the node-gyp.dll malware on Windows...
eslint-config-prettier 安全漏洞
eslint-config-prettier is a Prettier open source application. A security vulnerability exists in eslint-config-prettier version 8.10.1, 9.1.1, 10.1.6, and 10.1.7, which stems from embedded malicious code that could lead to a supply chain attack...
CVE-2025-54313
eslint-config-prettier 8.10.1, 9.1.1, 10.1.6, and 10.1.7 has embedded malicious code for a supply chain compromise. Installing an affected package executes an install.js file that launches the node-gyp.dll malware on Windows...
VulnCheck KEV: CVE-2025-54313
eslint-config-prettier 8.10.1, 9.1.1, 10.1.6, and 10.1.7 has embedded malicious code for a supply chain compromise. Installing an affected package executes an install.js file that launches the node-gyp.dll malware on Windows...