Lucene search
K

4 matches found

vulnersOsv
vulnersOsv
added 2025/08/14 6:52 p.m.18 views

fox (>=1.1.0 <=1.6.2), prova (>=0.0.0 <=0.0.2) potentially affected by unknown CVE via simple.io (=2.0.0)

simple.io NPM version =2.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on simple.io and may be impacted: - fox =1.1.0, =0.0.0, =0.0.2 Source cves: unknown CVE Source advisory: OSV:MAL-2025-33280...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2025/08/14 6:52 p.m.7 views

attr (>=0.0.0 <=0.0.1), door (>=0.0.5 <=0.0.6) +6 more potentially affected by unknown CVE via new-pubsub (>=0.0.3 <=2.0.0)

new-pubsub NPM version =0.0.3, =0.0.0, =0.0.5, =0.0.7, =0.0.0, =0.0.0, =0.0.0, =0.0.2 - watch-array =0.0.4 Source cves: unknown CVE Source advisory: OSV:MAL-2025-27366...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2025/08/14 6:52 p.m.11 views

fox (=0.0.8), lowkick (>=0.0.1 <=0.1.0) +2 more potentially affected by unknown CVE via combiner (=1.2.1)

combiner NPM version =1.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on combiner and may be impacted: - fox =0.0.8 - lowkick =0.0.1, =1.1.0, =0.3.1, =0.3.3 Source cves: unknown CVE Source advisory: OSV:MAL-2025-17379...

5.8AI score
Exploits0
Snyk
Snyk
added 2022/09/08 11:24 a.m.3 views

Malicious Package

Overview react-native-animated-fox is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

9.8CVSS7.1AI score
Exploits0References3
Rows per page
Query Builder