3 matches found
Malicious code in vend-utilities (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89ed34c4d09a0f8bb373f141d18157203eb73efec9461434a7957dfe17ba72f1 package.json declares preinstall: node index.js, causing index.js to run automatically on npm install. The script collects installer host identity...
GHSA-Q94G-3GCF-66X7 uutils coreutils has an Incorrect Authorization issue
The id utility in uutils coreutils miscalculates the groups= section of its output. The implementation uses a user's real GID instead of their effective GID to compute the group list, leading to potentially divergent output compared to GNU coreutils. Because many scripts and automated processes...
CVE-2026-35370
The CVE concerns the id utility in uutils coreutils, where the groups= output is miscalculated because it uses the real GID instead of the effective GID to build the group list. This can cause output divergence from GNU coreutils, potentially affecting scripts and automated processes that rely on...