Lucene search
+L

445 matches found

vulnersOsv
vulnersOsv
added 2026/01/16 3:31 p.m.6 views

@mapbox/vnu-validate-html (=0.1.0), @northernbeat/gulp-tasks (>=1.0.48 <=1.0.50) +32 more potentially affected by CVE-2025-15104 via vnu-jar (>=16.12.27 <=25.12.31)

vnu-jar NPM version =16.12.27, =1.0.48, =1.0.3, =0.9.0, =0.1.1, =0.7.0, =0.1.2, =0.6.0, =8.1.0, =9.1.1, =1.0.0, =1.1.2, =2.0.0 and more Source cves: CVE-2025-15104 Source advisory: OSV:GHSA-FCCG-7W3P-W66F...

6.9CVSS5.8AI score0.00425EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/01/09 9:58 a.m.6 views

CVE-2020-7605

gulp-tape through 1.0.0 allows execution of arbitrary commands. It is possible to inject arbitrary commands as part of 'gulp-tape' options...

9.8CVSS7.2AI score0.02512EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:58 a.m.13 views

CVE-2020-7601

gulp-scss-lint through 1.0.0 allows execution of arbitrary commands. It is possible to inject arbitrary commands to the "exec" function located in "src/command.js" via the provided options...

9.8CVSS7.2AI score0.02644EPSS
Exploits1References1
OSV
OSV
added 2025/11/24 10:32 p.m.3 views

MAL-2025-191105 Malicious code in gulp-inject-envs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d230a528331dc71aa1fa5cb1d9fd8146d79d7e92f3aae2efd2ce7c177640b337 The package gulp-inject-envs was found to contain malicious code. Source: ghsa-malware 5dafa09839ea07c586670ac1a302805fb65ffaf32d1641dcab2be569a68231...

6.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 10:32 p.m.6 views

Malicious code in gulp-inject-envs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d230a528331dc71aa1fa5cb1d9fd8146d79d7e92f3aae2efd2ce7c177640b337 The package gulp-inject-envs was found to contain malicious code. Source: ghsa-malware 5dafa09839ea07c586670ac1a302805fb65ffaf32d1641dcab2be569a68231...

6.9AI score
Exploits0References4
EUVD
EUVD
added 2025/11/24 10:32 p.m.6 views

EUVD-2025-199149

Malicious code in gulp-inject-envs npm...

6.6AI score
Exploits0References1
vulnersOsv
vulnersOsv
added 2025/11/24 4:24 p.m.8 views

ff-build (>=2.4.0 <=2.6.1) potentially affected by unknown CVE via gulp-inject-envs (=1.2.0)

gulp-inject-envs NPM version =1.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on gulp-inject-envs and may be impacted: - ff-build =2.4.0, =2.6.1 Source cves: unknown CVE Source advisory: SNYK:JS-GULPINJECTENVS-14103633...

5.8AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-180156

Malicious code in backend-enif-gulp-titan npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.0 views

EUVD-2025-177711

Malicious code in nashira-dotenv-parse-variables-gulp-lynx npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-180115

Malicious code in bellatrix-gulp-barnard-dagda npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-178630

Malicious code in gulp-kinetic-mongodb-astrometry npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.5 views

EUVD-2025-178631

Malicious code in gulp-javascript-carpo-markdown-pdf npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-179223

Malicious code in dysonswarm-gulp-dendrochronology-iota npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.2 views

EUVD-2025-178626

Malicious code in gulp-rollup-plugin-carina-csv npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.7 views

Malicious code in apex-gulp-npm-dione (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5294aad7730d18543319acfe8ea7de730b6de8160892ee5e56072e4c6a5f6a6a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.7 views

Malicious code in gulp-parcel-bioinformatics-halley (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e954d5023f3652da9264a4ff04b69f8bb31573498561742734a9118e944fb11b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.8 views

Malicious code in gulp-yildun-lacerta-webpack (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 76a274bdb3d2616b5e76f058c31ebcdd115b7a1c639d4bd9c4736f68f31c0c47 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.4 views

MAL-2025-187257 Malicious code in gulp-yildun-lacerta-webpack (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 76a274bdb3d2616b5e76f058c31ebcdd115b7a1c639d4bd9c4736f68f31c0c47 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-177677

Malicious code in nebula-gulp-bootes-kastra npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-178095

Malicious code in link-astrometry-gulp-transhumanism npm...

6.6AI score
Exploits0
Rows per page
Query Builder