4 matches found
MAL-2025-149535 Malicious code in winston-yaml-webdriver-mocha-repository (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0f2aafd2c598a36174246ed2a93655569ec5e247c8ea65d7573cc259e57155be This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-120395
Malicious code in winston-yaml-webdriver-mocha-repository npm...
mocha-repository.info Cross Site Scripting vulnerability OBB-3891544
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
mocha-repository.info Cross Site Scripting vulnerability OBB-3258808
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...