3 matches found
MAL-2025-47223 Malicious code in @things-factory/integration-base (npm)
Suspicious postinstall script executing bundle.js, which contains excessive unsigned bitwise math, indicating potential malicious behavior. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f6b2496d9a593750ea26a4cea41022e9b78c9bae1ac1b398aa506868e90e794e Any computer...
org.apache.pinot:pinot-distribution (>=0.1.0 <=0.9.3), org.apache.pinot:pinot-integration-test-base (>=0.9.0 <=0.9.3) +3 more potentially affected by CVE-2024-56325 via org.apache.pinot:pinot-broker (>=0.1.0 <=0.9.3)
org.apache.pinot:pinot-broker MAVEN version =0.1.0, =0.1.0, =0.9.0, =0.1.0, =0.1.0, =0.1.0, =0.9.3 Source cves: CVE-2024-56325 Source advisory: OSV:GHSA-6JWP-4WVJ-6597...
org.apache.pinot:pinot-distribution (>=0.1.0 <=0.9.3), org.apache.pinot:pinot-flink-connector (>=1.0.0 <=1.2.0) +6 more potentially affected by CVE-2024-56325 via org.apache.pinot:pinot-controller (>=0.1.0 <=1.2.0)
org.apache.pinot:pinot-controller MAVEN version =0.1.0, =0.1.0, =1.0.0, =0.9.0, =0.1.0, =0.8.0, =0.8.0, =0.1.0, =0.1.0, =0.9.3 Source cves: CVE-2024-56325 Source advisory: OSV:GHSA-6JWP-4WVJ-6597...