33 matches found
AZL-75389 CVE-2025-11065 affecting package cert-manager 1.12.15-4
A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...
Malicious code in lobac-ub-badadiudcafu (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ffc67a72f80fa7df1dea458617b4390b04c2672ddad96b537a5e90e2d9cf2050 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-179298 Malicious code in unimana-satgub-nainab (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e088aa01cee90726df8eba7accd4a8b28b8f007f36d46ed1deac675a9589d03 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in leda-grus-bellatrix-docusaurus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8d2a51ebbb849846453bc0fd4d1586326a1133e7270c457e0aa383d38414111b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-111108
Malicious code in mira-cz-conventional-changelog-iota-webdriver-manager npm...
EUVD-2025-120617
Malicious code in webdriver-manager-chariklo-aether-phoenix npm...
MAL-2025-137979 Malicious code in wawan-naget64-sluey (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8aa2f259540fb9e5865da92ea9b8db6858f703d13398f9e6040b8f7887da1cd2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-134918 Malicious code in kresna-tempe46-sluey (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d917a7de3669cb87600aa4201540f033b278368646d5a5a3015ecf3a9c8e3a4e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in biological_raccoon_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f5e10deaf87f43048e7a6498008d6a9c39f398f34403adde962586cdce3397ca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-125957 Malicious code in dono-sate86-wekto (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 896c5c1bcb6a97662f6d9962f8b34af3ddbcc0de591886298d9dd37f375d26c4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in putra-rawon97-riris (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f711f93c1a40c9e54944bbd9255649856d7868c136fc5fb42d7e6f25d923555b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-105483 Malicious code in mahesa-oncom68-ruro (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7690b03dc96c8a86211574fb128eee5e4ccb0ba8e8d40b6ed22554e4324cf947 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in delicate_locust_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a2ecfd4fe420b48b3dc22d3161bb47b048b28d0120da0363a5f12d4baf82b8d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in arif-ruwet26-riris (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7718eb887311ee7b7981c024fbec63ba782cbc5579356092cee00323434088c6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-86993 Malicious code in jaja-ongol-ongol65-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24e0aa8c2dddd8096a7d6f5169f7417eb883421e8eb0779e1104af50c6b959a1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in dian-sambel27-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9210a1bf528b61a3025cc1fdd27cb860ef37ae8ea26dca295dc67cd90ec549e2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-39521
Malicious code in gilang-dodol29-apidev npm...
MAL-2025-37232 Malicious code in trucks-cli (npm)
The package trucks-cli was found to contain malicious code...
MAL-2025-11595 Malicious code in @zalastax/nolb-glp (npm)
The package @zalastax/nolb-glp was found to contain malicious code...
MAL-2025-35887 Malicious code in test-mlw2-nulls-rumba-idler-moued (npm)
The package test-mlw2-nulls-rumba-idler-moued was found to contain malicious code...