Malicious code in sahufar-satidfaf-fava (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f360a2d4b48962ccd4167861cffc30106723b4a4205f19cac6f321571f591496 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-136626

Malicious code in sahufar-satidfaf-fava npm...

EUVD-2025-140904

Malicious code in kapvino-soi-fava npm...

Malicious code in kapvino-soi-fava (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9fa919cb5fa336140b6f69ebd4ed349a9b5b7ca644dece5db4edb9ebc6fbd4e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2022-0100

Malicious code in bioql PyPI...

EUVD-2022-0102

Malicious code in bioql PyPI...

EUVD-2022-0101

Malicious code in bioql PyPI...

CVE-2022-2589

Cross-site Scripting XSS - Reflected in GitHub repository beancount/fava prior to 1.22.3...

CVE-2022-2523

Cross-site Scripting XSS - Reflected in GitHub repository beancount/fava prior to 1.22.2...

CVE-2022-2514

The time and filter parameters in Fava prior to v1.22 are vulnerable to reflected XSS due to the lack of escaping of error messages which contained the parameters in verbatim...

Fava vulnerable to reflected cross-site scripting

Fava before 1.22.3 is vulnerable to reflected cross-site scripting due to improper validation on filter conversion...

GHSA-6HCJ-QRW3-M66Q Fava vulnerable to reflected cross-site scripting

Fava before 1.22.3 is vulnerable to reflected cross-site scripting due to improper validation on filter conversion...

CVE-2022-2589

Cross-site Scripting XSS - Reflected in GitHub repository beancount/fava prior to 1.22.3...

DEBIAN-CVE-2022-2589

Cross-site Scripting XSS - Reflected in GitHub repository beancount/fava prior to 1.22.3...

Cross site scripting

Cross-site Scripting XSS - Reflected in GitHub repository beancount/fava prior to 1.22.3...

UBUNTU-CVE-2022-2589

Cross-site Scripting XSS - Reflected in GitHub repository beancount/fava prior to 1.22.3...

CVE-2022-2589

Cross-site Scripting XSS - Reflected in GitHub repository beancount/fava prior to 1.22.3...

PYSEC-2022-246

Cross-site Scripting XSS - Reflected in GitHub repository beancount/fava prior to 1.22.3...

PYSEC-2022-246

Cross-site Scripting XSS - Reflected in GitHub repository beancount/fava prior to 1.22.3...

CVE-2022-2589

CVE-2022-2589 affects the Beancount/Fava project: a reflected Cross-site Scripting (XSS) vulnerability due to improper validation on filter conversion in Fava before version 1.22.3. Affected component: Fava web UI logic (filter handling). Impact: potential credential or data exposure via crafted ...