Lucene search
K

9 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/16 11:54 a.m.10 views

Malicious code in ioredis-os (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 387bee0d123eeed248b8be6281784b88d2a3385943a3f696541c1ce48b1c817a ioredis-os appends -os to the widely-used ioredis package name and ships what appears to be a verbatim fork of ioredis same author, same upstream...

5.9AI score
Exploits0References2
Snyk
Snyk
added 2026/06/11 4:23 p.m.7 views

Malicious Package

Overview ioredis-typed is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score
Exploits0References2
Snyk
Snyk
added 2026/06/11 4:23 p.m.13 views

Malicious Package

Overview ioredis-orm is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...

9.8CVSS5.4AI score
Exploits0References2
OSV
OSV
added 2026/06/11 4:23 p.m.9 views

MAL-2026-5676 Malicious code in ioredis-typed (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1bd3dadb6d1e5369a82a26b784f5d557e289158636cdf678333f9deef05dd996 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.5AI score
Exploits0References1
OSV
OSV
added 2026/06/11 4:23 p.m.15 views

MAL-2026-5675 Malicious code in ioredis-orm (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 15186d98f16a0cfdcb0cac8d616ea4afc4e6d1443be464ef1a140ab79a5d5d0a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/11 4:23 p.m.10 views

Malicious code in ioredis-orm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f7edb2baf96d81e8c5e6853e041bc82ed8bab6aa8de5a9c70fa8c90b2ac6fd08 The tarball ships a verbatim copy of the legitimate ioredis Redis client source same layout, same Redis class, identical description text 'A robust,...

6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/11 4:23 p.m.17 views

Malicious code in ioredis-typed (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b79e90c5d77b68f22ec4aa1245ff3f82cb6414502a64ef7898b67aa1019455c1 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
OSV
OSV
added 2024/10/16 12:58 p.m.6 views

MAL-2024-9669 Malicious code in instrumentation-ioredis (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
Veracode
Veracode
added 2020/12/28 11:7 a.m.12 views

Prototype Pollution

ioredis is vulnerable to prototype pollution. The vulnerability exists as the reply transformer does not check for special field names and mishandles malicious keys proto, which could, at worst, result in a denial of service condition due to limitations of not being able to overwrite global...

4AI score
Exploits0
Rows per page
Query Builder