MAL-2026-737 Malicious code in remark-gfm-v4 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3eb645996981f1453b9049a0d97b6f0b6c7ff4cadc29d4ccddd7f48cd65cbb21 The package remark-gfm-v4 was found to contain malicious code. Source: ghsa-malware 10eecf76003bd92639bb172deaa68448c44a5899c772fdcce927765011d807eb...

Malicious code in remark-gfm-v4 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3eb645996981f1453b9049a0d97b6f0b6c7ff4cadc29d4ccddd7f48cd65cbb21 The package remark-gfm-v4 was found to contain malicious code. Source: ghsa-malware 10eecf76003bd92639bb172deaa68448c44a5899c772fdcce927765011d807eb...

Malicious Package

Overview remark-gfm-v4 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

MiracleLinux 8 : pandoc-2.0.6-6.el8 (AXSA:2022-3835:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3835:01 advisory. cmark-gfm: possible RCE due to integer overflow CVE-2022-24724 Tenable has extracted the preceding description block directly from the MiracleLinux security...

HSEC-2025-0007 cmark-gfm: resource exhaustion due to quadratic complexity in parser

cmark-gfm: resource exhaustion due to quadratic complexity in parser cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. A polynomial time complexity issue in cmark-gfm may lead to unbounded resource exhaustion and subsequent denial of service, due to...

TencentOS Server 4: python-cmarkgfm (TSSA-2025:0086)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0086 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

EUVD-2018-9715

Malware in sbrugna...

EUVD-2023-26630

Malicious code in bioql PyPI...

EUVD-2022-41748

Malicious code in bioql PyPI...

EUVD-2022-47951

Malicious code in bioql PyPI...

EUVD-2023-26631

Malicious code in bioql PyPI...

EUVD-2022-29578

Malicious code in bioql PyPI...

EUVD-2023-28818

Malicious code in bioql PyPI...

EUVD-2023-30291

Malicious code in bioql PyPI...

EUVD-2023-26632

Malicious code in bioql PyPI...

EUVD-2023-41361

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-31175

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CKEditor 5 is a JavaScript rich text editor. A cross-site scripting vulnerability has been discovered affecting three optional CKEditor 5's packages in versions...

Linux Distros Unpatched Vulnerability : CVE-2023-26485

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. A polynomial time complexity issue in cmark-gfm may lead to...

pandoc security update

An update is available for pandoc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Pandoc is a Haskell library for converting from one markup format to another,...

RLSA-2025:8427 Moderate: pandoc security update

Pandoc is a Haskell library for converting from one markup format to another, and a command-line tool that uses this library. It can read several dialects of Markdown and subsets of HTML, reStructuredText, LaTeX, DocBook, JATS, MediaWiki markup, TWiki markup, TikiWiki markup, Creole 1.0, Haddock...