2 matches found
MAL-2026-5551 Malicious code in @my_name_is_khn/express-security-tool-v1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e77b441acf56551e84d7dcac2da89dd7f287f6c0a6c028c669d78a90e6c58d3 On npm install, the package's postinstall script scripts/inject.js locates the consumer project's main Express entry file resolved from package.json...
CVE-2021-3603
PHPMailer 6.4.1 and earlier contain a vulnerability that can result in untrusted code being called if such code is injected into the host project's scope by other means. If the $patternselect parameter to validateAddress is set to 'php' the default, defined by PHPMailer::$validator, and the globa...