21 matches found
EUVD-2025-199495
Malicious code in @kvytech/medusa-plugin-promotion npm...
Malicious code in @kvytech/habbit-e2e-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 99bc98f56e53ded216f20185150816d9ee319d2e9570684bb920a024c92fae93 The package @kvytech/habbit-e2e-test was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-199304
Malicious code in @kvytech/habbit-e2e-test npm...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
EUVD-2025-198861
Malicious code in @kvytech/medusa-plugin-newsletter npm...
Malicious code in @kvytech/medusa-plugin-announcement (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8fda18824e7544b009117ab962028a53a03245d741b85fa30789a9cda67f5b1b The package @kvytech/medusa-plugin-announcement was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-198782
Malicious code in @kvytech/medusa-plugin-announcement npm...
Malicious code in @kvytech/components (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d1e27717d96aa14c260a48ca84c38f3f08f6b3352f82cd27b83ac56547c46cc6 The package @kvytech/components was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-198783
Malicious code in @kvytech/components npm...
@kvytech/cli (>=0.0.4 <=0.0.6) potentially affected by unknown CVE via @kvytech/components (=0.0.1)
@kvytech/components NPM version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on @kvytech/components and may be impacted: - @kvytech/cli =0.0.4, =0.0.6 Source cves: unknown CVE Source advisory: OSV:MAL-2025-190743...
Malicious code in @kvytech/cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae232c63ad02e601361c2ec6df0ccfc38f274d3a22a1a08a5de3746dbf596c40 The package @kvytech/cli was found to contain malicious code. Source: ghsa-malware a6425961d953e5d0f73300b7a8b700773e9d1adbfc6b1364b3fa1ae59a8d798d A...
EUVD-2025-198785
Malicious code in @kvytech/cli npm...
MAL-2025-190742 Malicious code in @kvytech/cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae232c63ad02e601361c2ec6df0ccfc38f274d3a22a1a08a5de3746dbf596c40 The package @kvytech/cli was found to contain malicious code. Source: ghsa-malware a6425961d953e5d0f73300b7a8b700773e9d1adbfc6b1364b3fa1ae59a8d798d A...
EUVD-2025-198787
Malicious code in @kvytech/medusa-plugin-management npm...
EUVD-2025-198789
Malicious code in @kvytech/medusa-plugin-product-reviews npm...
MAL-2025-190746 Malicious code in @kvytech/medusa-plugin-product-reviews (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e7d8c065be2eaeb4187aed0dbe61de9f0f0ee2b51d61330d9211866dff01504 The package @kvytech/medusa-plugin-product-reviews was found to contain malicious code. Source: ghsa-malware...
Malicious code in @kvytech/web (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 672e54c563ac24228f5896f325e61334edd27ee1fc1f8b6ea507317a67a373ff The package @kvytech/web was found to contain malicious code. Source: ghsa-malware adf7f7677776afa0f22b2829e53b9066a1af3e658c63a20dcf0d3ee55111f2ca A...
MAL-2025-190747 Malicious code in @kvytech/web (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 672e54c563ac24228f5896f325e61334edd27ee1fc1f8b6ea507317a67a373ff The package @kvytech/web was found to contain malicious code. Source: ghsa-malware adf7f7677776afa0f22b2829e53b9066a1af3e658c63a20dcf0d3ee55111f2ca A...