@dm3-org/delivery-service (>=1.4.0 <=1.7.1), @dm3-org/dm3-backend (>=1.0.1 <=1.7.1) +18 more potentially affected by unknown CVE via @dm3-org/dm3-lib-shared (>=1.0.6 <=1.7.2)

@dm3-org/dm3-lib-shared NPM version =1.0.6, =1.4.0, =1.0.1, =1.0.5, =1.0.5, =1.0.5, =1.0.5, =1.0.5, =0.0.1-alpha1, =1.0.5, =1.4.0, =1.0.0, =1.0.7 and more Source cves: unknown CVE Source advisory: OSV:MAL-2025-3713...

Malicious code in lib-storage (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-9687 Malicious code in lib-storage (npm)

--- -= Per source details. Do not edit below this line.=-...

Open-Xchange: Two heap use-after-free errors in IMAP operations

Summary ======= We’ve found two heap use-after-free errors, one in lib-storage/index/index-storage.c: indexcopycachefields and one in lib-index/mail-index-sync-update.c: mailindexsyncrecordreal. Error 1: indexcopycachefields ---------------------------------------------- This error involves two...