15 matches found
MAL-2025-183939 Malicious code in mitali-don-olika (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87fadd548aa021bf1a02103919dcd5ceb067b81889f358ac46da9f40e3244f87 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in poglymer-oghh-fifaf (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 461040528feb7929f516670438a4ec83959bced0e61fc285d9028a3189a43cc3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-157573 Malicious code in keyla-poke103 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 643459bf27e7f18dc591cab526c718b5d0c62ae2cc75339aefa3320a4071d973 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-140783 Malicious code in chromedriver-xml-pegasus-changelog (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 19f52ded8bfc84ebbe04d07b1108a8d1b710bbc95ccb3d81b2fe2ce1279bac8b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in wati-getuk28-sumpek (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 21cc39cebdbbfa21cb1e3c3634f16a267ae7916dca040ff746f21babc9fbfe83 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in sacred_unicorn_replicate_automation (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d249e9de57c41ceb70dbe5e716f105543bfbb25aea024248261533cc67cb06e7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-100629 Malicious code in cochran-soluble-pot (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a4af40d7147a454c2579ca959326990848dba2304b1ec5b6f1714aace161ace6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-99742 Malicious code in bad_parrot_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a933a8c8b49adb62e88fa4870c7b2bed999caf65f8f1a94b5512bca94e945062 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-95381 Malicious code in managing_zebra_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a84ea5bf4aa5225de8260943a5ceb0e55cbb8652bdf0222cb23ecd526600d346 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-94530 Malicious code in fit_dolphin_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 664555e7e47f564e4041662904fddf6a15cd0afe100b9f8b41a5b93c8cc9eae1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-94929 Malicious code in imaginative_sawfish_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 328959439e5a5da31a0d345a61edc9520f5d3a5ce21cb765ed72adf90e6bda23 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-93405 Malicious code in bloody_tiger_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4fda8df61be90230ff5572fab78fed1e7606dcf38dbd498856caaf1fb5c091cb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-96403 Malicious code in rotten_whitefish_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb0197185c55bff820de79b9cd861411a56d5ff20d4060619d587719fa60acb2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-89782 Malicious code in putri-soto73-kyuki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb3d1bb2b244005bd1c2ab7a6e29de4725df87820bd264dbdfe8df6b33899302 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
hibernate-validator: safeHTML validator allows XSS
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack...