17 matches found
MAL-2025-191045 Malicious code in @orbitgtbelgium/mapbox-gl-draw-cut-polygon-mode (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd6b81efa112c215fc1db9c23a7808a0d8613c693b7e60a8e988a360a5f1fb54 The package @orbitgtbelgium/mapbox-gl-draw-cut-polygon-mode was found to contain malicious code. Source: ghsa-malware...
Malicious code in @orbitgtbelgium/mapbox-gl-draw-cut-polygon-mode (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd6b81efa112c215fc1db9c23a7808a0d8613c693b7e60a8e988a360a5f1fb54 The package @orbitgtbelgium/mapbox-gl-draw-cut-polygon-mode was found to contain malicious code. Source: ghsa-malware...
Malicious code in @orbitgtbelgium/mapbox-gl-draw-scale-rotate-mode (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e4c029f895b6e2e59e54d01b72927b97daa87a560816829220a1b62775221ae The package @orbitgtbelgium/mapbox-gl-draw-scale-rotate-mode was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-198655
Malicious code in @orbitgtbelgium/mapbox-gl-draw-scale-rotate-mode npm...
EUVD-2025-35999
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tempranova WP Mapbox GL JS Maps wp-mapbox-gl-js allows Stored XSS.This issue affects WP Mapbox GL JS Maps: from n/a through = 3.0.1...
WordPress WP Mapbox GL JS Maps plugin <= 3.0.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin WP Mapbox GL JS Maps versions = 3.0.1...
Malicious Package
Overview mapbox-gl-ts is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
EUVD-2025-32637
Malicious code in mapbox-gl-ts npm...
Malicious code in mapbox-gl-ts (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8d036b317c8c49cc8982dedb6417e57b1669e9dfc07159bf4a7e6fb136ff939c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-47998 Malicious code in mapbox-gl-ts (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8d036b317c8c49cc8982dedb6417e57b1669e9dfc07159bf4a7e6fb136ff939c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in mapbox-gl-js-toys (npm)
The package communicates with a domain associated with malicious activity...
MAL-2025-6844 Malicious code in mapbox-gl-js-toys (npm)
The package communicates with a domain associated with malicious activity...
Malicious code in mapbox-gl-js (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ada891fdc8acdf8af20afcf9782848cf7cf035176b623fdf8c82a3b046d43005 Any computer that has this package installed or running should be considered...
MAL-2025-5433 Malicious code in mapbox-gl-js (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ada891fdc8acdf8af20afcf9782848cf7cf035176b623fdf8c82a3b046d43005 Any computer that has this package installed or running should be considered...
CVE-2022-38216
An integer overflow exists in Mapbox's closed source gl-native library prior to version 10.6.1, which is bundled with multiple Mapbox products including open source libraries. The overflow is caused by large image height and width values when creating a new Image and allows for out of bounds...
Malicious code in mapbox-gl-shaders (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8a1f7d3a74544441d9a6896ce7b394f740835531a70d9d75849e94fa2e8a9251 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-4473 Malicious code in mapbox-gl-shaders (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8a1f7d3a74544441d9a6896ce7b394f740835531a70d9d75849e94fa2e8a9251 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...