MAL-2025-40340 Malicious code in yarn-design-system-jsdoc-template (npm)

The package yarn-design-system-jsdoc-template was found to contain malicious code...

MAL-2024-11500 Malicious code in woocommerce-grow-jsdoc (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in woocommerce-grow-jsdoc (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in grunt-jsdoc-to-markdow (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2d135d391d7c609533927783c1b58db569b28c0f6cd2b7e52e5b4dd59ec131ee Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

peanut-restify (>=1.1.0 <=1.1.66) potentially affected by unknown CVE via restify-swagger-jsdoc (>=1.1.2 <=1.2.1)

restify-swagger-jsdoc NPM version =1.1.2, =1.1.0, =1.1.66 Source cves: unknown CVE Source advisory: OSV:GHSA-GVFF-25CC-4F66...

GHSA-GVFF-25CC-4F66 Path Traversal in restify-swagger-jsdoc

Versions of restify-swagger-jsdoc prior to 3.2.1 are vulnerable to Path Traversal. The package fails to properly sanitize URLs, which may allow attackers to access server files outside the swagger-ui folder by using relative paths. Recommendation Upgrade to version 3.2.1 or later...

Path Traversal in restify-swagger-jsdoc

Versions of restify-swagger-jsdoc prior to 3.2.1 are vulnerable to Path Traversal. The package fails to properly sanitize URLs, which may allow attackers to access server files outside the swagger-ui folder by using relative paths. Recommendation Upgrade to version 3.2.1 or later...

faker.js - Generate Massive Amounts of Fake Data

Generate massive amounts of fake data in Node.js and the browser. Demo https://cdn.rawgit.com/Marak/faker.js/master/examples/browser/index.html Hosted API Microservice http://faker.hook.io Supports all Faker API Methods Full-Featured Microservice Hosted by hook.io curl...