1622 matches found
EUVD-2025-197875
Malicious code in transparent-example-request99 npm...
MAL-2025-190550 Malicious code in transparent-example-request99 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6678163799dc68caa6452a201456bd093435349d000df2dd5895fbf7b0067b5 The package transparent-example-request99 was found to contain malicious code. Source: ossf-package-analysis...
BIT-AIRFLOW-2025-54941 Apache Airflow: Command injection in "example_dag_decorator"
An example dag exampledagdecorator had non-validated parameter that allowed the UI user to redirect the example to a malicious server and execute code on worker. This however required that the example dags are enabled in production not default or the example dag code copied to build your own...
CVE-2025-54941
An example dag exampledagdecorator had non-validated parameter that allowed the UI user to redirect the example to a malicious server and execute code on worker. This however required that the example dags are enabled in production not default or the example dag code copied to build your own...
GHSA-V3C9-J6H9-66V4 Apache Airflow has a command injection vulnerability in "example_dag_decorator"
An example dag exampledagdecorator had non-validated parameter that allowed the UI user to redirect the example to a malicious server and execute code on worker. This however required that the example dags are enabled in production not default or the example dag code copied to build your own...
Command Injection
Overview Affected versions of this package are vulnerable to Command Injection via the exampledagdecorator function. An attacker can execute arbitrary commands on the worker by supplying a crafted parameter through the UI. Note: This is only exploitable if example DAGs are enabled in production o...
Apache Airflow has a command injection vulnerability in "example_dag_decorator"
An example dag exampledagdecorator had non-validated parameter that allowed the UI user to redirect the example to a malicious server and execute code on worker. This however required that the example dags are enabled in production not default or the example dag code copied to build your own...
CVE-2025-54941
An example dag exampledagdecorator had non-validated parameter that allowed the UI user to redirect the example to a malicious server and execute code on worker. This however required that the example dags are enabled in production not default or the example dag code copied to build your own...
CVE-2025-54941
An example dag exampledagdecorator had non-validated parameter that allowed the UI user to redirect the example to a malicious server and execute code on worker. This however required that the example dags are enabled in production not default or the example dag code copied to build your own...
CVE-2025-54941 Apache Airflow: Command injection in "example_dag_decorator"
An example dag exampledagdecorator had non-validated parameter that allowed the UI user to redirect the example to a malicious server and execute code on worker. This however required that the example dags are enabled in production not default or the example dag code copied to build your own...
CVE-2025-54941 Apache Airflow: Command injection in "example_dag_decorator"
An example dag exampledagdecorator had non-validated parameter that allowed the UI user to redirect the example to a malicious server and execute code on worker. This however required that the example dags are enabled in production not default or the example dag code copied to build your own...
CVE-2025-54941
The CVE-2025-54941 issue affects Apache Airflow, specifically the example_dag_decorator parameter handling. A non-validated parameter in the example DAG allowed a UI user to redirect to a malicious server and execute code on a worker, but exploitation requires that example DAGs are enabled in pro...
EUVD-2025-36993
An example dag exampledagdecorator had non-validated parameter that allowed the UI user to redirect the example to a malicious server and execute code on worker. This however required that the example dags are enabled in production not default or the example dag code copied to build your own...
MAL-2025-49096 Malicious code in example-icrc35-shared-library (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e7e6839f13b54dc75f2b851ec1c1e78a9bbf4591f438a2053c99658e5f60189 The package example-icrc35-shared-library was found to contain malicious code. Source: ossf-package-analysis...
EUVD-2025-36967
Malicious code in example-icrc35-shared-library npm...
Malicious code in example-icrc35-shared-library (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e7e6839f13b54dc75f2b851ec1c1e78a9bbf4591f438a2053c99658e5f60189 The package example-icrc35-shared-library was found to contain malicious code. Source: ossf-package-analysis...
Malicious Package
Overview jfrog-npm-actions-example is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
EUVD-2025-36828
Malicious code in jfrog-npm-actions-example npm...
Malicious Package
Overview ts-migrate-example is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
EUVD-2025-36832
Malicious code in ts-migrate-example npm...