5 matches found
EUVD-2025-199149
Malicious code in gulp-inject-envs npm...
Malicious code in gulp-inject-envs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d230a528331dc71aa1fa5cb1d9fd8146d79d7e92f3aae2efd2ce7c177640b337 The package gulp-inject-envs was found to contain malicious code. Source: ghsa-malware 5dafa09839ea07c586670ac1a302805fb65ffaf32d1641dcab2be569a68231...
ff-build (>=2.4.0 <=2.6.1) potentially affected by unknown CVE via gulp-inject-envs (=1.2.0)
gulp-inject-envs NPM version =1.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on gulp-inject-envs and may be impacted: - ff-build =2.4.0, =2.6.1 Source cves: unknown CVE Source advisory: OSV:MAL-2025-191105...
MAL-2025-191105 Malicious code in gulp-inject-envs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d230a528331dc71aa1fa5cb1d9fd8146d79d7e92f3aae2efd2ce7c177640b337 The package gulp-inject-envs was found to contain malicious code. Source: ghsa-malware 5dafa09839ea07c586670ac1a302805fb65ffaf32d1641dcab2be569a68231...
ff-build (>=2.4.0 <=2.6.1) potentially affected by unknown CVE via gulp-inject-envs (=1.2.0)
gulp-inject-envs NPM version =1.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on gulp-inject-envs and may be impacted: - ff-build =2.4.0, =2.6.1 Source cves: unknown CVE Source advisory: SNYK:JS-GULPINJECTENVS-14103633...