44 matches found
MAL-2026-1704 Malicious code in date-fns-scripts (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae8c5ce8aaa40b0479646a8cd09a5a83b803e857a64de372621002edcb2e27cd The package date-fns-scripts was found to contain malicious code...
Malicious code in date-fns-scripts (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae8c5ce8aaa40b0479646a8cd09a5a83b803e857a64de372621002edcb2e27cd The package date-fns-scripts was found to contain malicious code...
EUVD-2025-199030
Malicious code in stat-fns npm...
Malicious code in stat-fns (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f5395e07a1f1a743d77d42495c7eaf08cb0ced22a0b0883b53b5adf78beef28a The package stat-fns was found to contain malicious code. Source: ghsa-malware 6c2e197e85b015babcf3a2073e3f76b980a3ae924a49a20d9c1648c610d7d3c0 Any...
Malicious Package
Overview format-fns is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
Malicious code in format-fns (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 526920f308cc3493a6a3bc9f9e6c7869e0d79392a5ad4c3d20853f93c1be3347 The package format-fns was found to contain malicious code. Source: ghsa-malware a2305cdbb291326c8e91c15e88648a66dff9f0cdcee605ff604ec85ef226b91a Any...
MAL-2025-149903 Malicious code in format-fns (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 526920f308cc3493a6a3bc9f9e6c7869e0d79392a5ad4c3d20853f93c1be3347 The package format-fns was found to contain malicious code. Source: ghsa-malware a2305cdbb291326c8e91c15e88648a66dff9f0cdcee605ff604ec85ef226b91a Any...
EUVD-2025-120002
Malicious code in format-fns npm...
EUVD-2024-43392
Malicious code in bioql PyPI...
EUVD-2025-31070
Malicious code in bioql PyPI...
CVE-2025-57351
A prototype pollution vulnerability exists in the ts-fns package versions prior to 13.0.7, where insufficient validation of user-provided keys in the assign function allows attackers to manipulate the Object.prototype chain. By leveraging this flaw, adversaries may inject arbitrary properties int...
algeb (>=1.0.0 <=5.4.0), anys (>=0.0.1 <=9.0.0) +37 more potentially affected by CVE-2025-57351 via ts-fns (>=0.0.11 <=9.3.2)
ts-fns NPM version =0.0.11, =1.0.0, =0.0.1, =0.0.1, =1.1.0, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.2, =9.0.0 and more Source cves: CVE-2025-57351 Source advisory: SNYK:JS-TSFNS-13109930...
Prototype Pollution
Overview ts-fns is a Public Functions. Affected versions of this package are vulnerable to Prototype Pollution via the assign function. An attacker can inject arbitrary properties into the global object's prototype by supplying crafted keys, which may result in application crashes, unexpected cod...
algeb (>=3.0.0 <=5.4.0), anys (>=0.0.1 <=9.0.0) +32 more potentially affected by CVE-2025-57351 via ts-fns (>=0.0.11 <=13.1.3)
ts-fns NPM version =0.0.11, =3.0.0, =0.0.1, =0.0.1, =1.1.0, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.2, =9.0.0 and more Source cves: CVE-2025-57351 Source advisory: OSV:GHSA-G7WQ-WGGW-VMHG...
GHSA-G7WQ-WGGW-VMHG ts-fns has prototype pollution vulnerability
A prototype pollution vulnerability exists in the ts-fns package versions prior to 13.0.7, where insufficient validation of user-provided keys in the assign function allows attackers to manipulate the Object.prototype chain. By leveraging this flaw, adversaries may inject arbitrary properties int...
CVE-2025-57351
A prototype pollution vulnerability exists in the ts-fns package versions prior to 13.0.7, where insufficient validation of user-provided keys in the assign function allows attackers to manipulate the Object.prototype chain. By leveraging this flaw, adversaries may inject arbitrary properties int...
CVE-2025-57351
A prototype pollution vulnerability exists in the ts-fns package versions prior to 13.0.7, where insufficient validation of user-provided keys in the assign function allows attackers to manipulate the Object.prototype chain. By leveraging this flaw, adversaries may inject arbitrary properties int...
PT-2025-39324
Name of the Vulnerable Software and Affected Versions ts-fns versions prior to 13.0.7 Description A prototype pollution issue exists due to inadequate validation of user-supplied keys within the assign function. This allows manipulation of the Object.prototype chain. Attackers can inject arbitrar...
ts-fns 安全漏洞
ts-fns is a java library by tangshuang personal developer. A security vulnerability exists in ts-fns versions prior to 13.0.7, which stems from insufficient validation of user-supplied keys by the assign function and could lead to a prototype pollution attack...
CVE-2025-57351
A prototype pollution vulnerability exists in the ts-fns package versions prior to 13.0.7, where insufficient validation of user-provided keys in the assign function allows attackers to manipulate the Object.prototype chain. By leveraging this flaw, adversaries may inject arbitrary properties int...