MAL-2025-179640 Malicious code in kisut-afncg-avaff (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3f0c04531f02e82b4ae9717dde435d7fde50b3fa2cfc0bcff47e3da48efebfa4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-150564 Malicious code in @miptaa02/dffdds (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2581abc6d7e4362982adfc288424576f7caa58d2ea6b9eeeb512126f9e9ca445 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-115559 Malicious code in lively_otter_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cabf8cd9d91afa44b7f0b115d4757c19c504be850d18f16cd357600dacbce4a8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in hilarious_snail_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed6f6ec678de567424f7e5fd8adfe7d17f8d4b8daf1b47b302015936db27050d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-74628 Malicious code in nina-soto40-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b150c5b2666acceb6f42959f9f16e7a880cd2a9e85588bce1a6611471a4dec58 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in vera-ketan30-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 53de4c32ceb488ced9f361ac35f79912268988ce9e2bcb68ecc346ac7e5a8f76 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Libxslt 资源管理错误漏洞

Libxslt is a Libxslt open source XSLT C library developed for the GNOME project. A security vulnerability exists in Libxslt that stems from improper modification of the attribute type atype and flags, which could lead to memory management corruption and heap corruption...

SUSE-SU-2022:3936-1 Security update for libarchive

This update for libarchive fixes the following issues: - CVE-2021-31566: Fixed vulnerability where libarchive modifies file flags of symlink target bsc1192426 - Fixed issue where processing fixup entries may follow symbolic links bsc1192427...

SUSE-SU-2021:3722-1 Security update for libarchive

This update for libarchive fixes the following issues: - CVE-2019-19221: Fixed out-of-bounds read caused by incorrect mbrtowc or mbtowc call bsc1157569 - backporting symlink security fixes from 3.5.2: - extracting with ACLs modifies ACLs of target bsc1192425 - modifies file flags of target...