54 matches found
Malicious code in gatsby-plugin-antd (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1db5c29950300909f2a9571826a482e10a6ce45dae9529f28ad87ddc2b98119b The package gatsby-plugin-antd was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191396 Malicious code in gatsby-plugin-antd (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1db5c29950300909f2a9571826a482e10a6ce45dae9529f28ad87ddc2b98119b The package gatsby-plugin-antd was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-199366
Malicious code in gatsby-plugin-antd npm...
@amorist/gatsby-theme-antd (=1.0.0), @antv/f2-site (>=4.0.0-4.0.0-alpha.3.0 <=5.0.1-beta.0) +25 more potentially affected by unknown CVE via gatsby-plugin-antd (=2.2.0)
gatsby-plugin-antd NPM version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on gatsby-plugin-antd and may be impacted: - @amorist/gatsby-theme-antd =1.0.0 - @antv/f2-site =4.0.0-4.0.0-alpha.3.0, =0.1.0, =1.0.0, =1.0.0, =1.1.18-beta.0, =0.0.1,...
@amorist/gatsby-theme-antd (=1.0.0), @antv/f2-site (>=4.0.0-4.0.0-alpha.3.0 <=5.0.1-beta.0) +16 more potentially affected by unknown CVE via gatsby-plugin-cname (=1.0.0)
gatsby-plugin-cname NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on gatsby-plugin-cname and may be impacted: - @amorist/gatsby-theme-antd =1.0.0 - @antv/f2-site =4.0.0-4.0.0-alpha.3.0, =0.9.81, =1.0.0, =1.1.18-beta.0, =0.0.1, =0.0.4,...
EUVD-2025-199205
Malicious code in gatsby-plugin-cname npm...
Malicious code in gatsby-plugin-cname (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6d533b6b1c548148392393696a1a82fc32d46ae923e8a30cbc2e7a9118b1ed21 The package gatsby-plugin-cname was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191100 Malicious code in gatsby-plugin-cname (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6d533b6b1c548148392393696a1a82fc32d46ae923e8a30cbc2e7a9118b1ed21 The package gatsby-plugin-cname was found to contain malicious code. Source: ghsa-malware...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
@amorist/gatsby-theme-antd (=1.0.0), @antv/f2-site (>=4.0.0-4.0.0-alpha.3.0 <=5.0.1-beta.0) +16 more potentially affected by unknown CVE via gatsby-plugin-cname (=1.0.0)
gatsby-plugin-cname NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on gatsby-plugin-cname and may be impacted: - @amorist/gatsby-theme-antd =1.0.0 - @antv/f2-site =4.0.0-4.0.0-alpha.3.0, =0.9.81, =1.0.0, =1.1.18-beta.0, =0.0.1, =0.0.4,...
EUVD-2025-113258
Malicious code in gatsby-vulcan-lacerta-alphard npm...
EUVD-2022-6094
Malicious code in bioql PyPI...
Malicious code in gatsby-plugin-apollo-onetrust (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-47674 Malicious code in gatsby-plugin-apollo-onetrust (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in gatsby-plugin-easy-i18n (npm)
The package gatsby-plugin-easy-i18n was found to contain malicious code...
MAL-2025-21208 Malicious code in gatsby-plugin-easy-i18n (npm)
The package gatsby-plugin-easy-i18n was found to contain malicious code...
MAL-2025-7059 Malicious code in @amber-team/gatsby-plugin-semrush2 (npm)
The package @amber-team/gatsby-plugin-semrush2 was found to contain malicious code...
MAL-2025-7058 Malicious code in @amber-team/gatsby-plugin-semcore (npm)
The package @amber-team/gatsby-plugin-semcore was found to contain malicious code...
Malicious code in @amber-team/gatsby-plugin-semcore (npm)
The package @amber-team/gatsby-plugin-semcore was found to contain malicious code...
CVE-2023-30548
gatsby-plugin-sharp is a plugin for the gatsby framework which exposes functions built on the Sharp image processing library. The gatsby-plugin-sharp plugin prior to versions 5.8.1 and 4.25.1 contains a path traversal vulnerability exposed when running the Gatsby develop server gatsby develop. It...