10 matches found
EUVD-2025-37060
Malicious code in mod-manager npm...
Malicious code in mod-manager (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ec890b586ea0ff47a8ba914ff95c535bdeebbdfaf6788b6357a5afae32c9463 The package mod-manager was found to contain malicious code...
MAL-2025-49233 Malicious code in mod-manager (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ec890b586ea0ff47a8ba914ff95c535bdeebbdfaf6788b6357a5afae32c9463 The package mod-manager was found to contain malicious code...
active-window-listener (>=1.1.0 <=1.1.1), node-red-contrib-writeexif (>=0.0.1 <=1.0.1) +3 more potentially affected by unknown CVE via exiftool-vendored (>=11.5.0 <=14.0.0)
exiftool-vendored NPM version =11.5.0, =1.1.0, =0.0.1, =1.4.2, =2.0.0, =0.4.0, =2.0.1 Source cves: unknown CVE Source advisory: OSV:GHSA-4WHQ-R978-2X68...
mod_cluster: Buffer overflow in mod_manager when sending request with long JVMRoute
It was discovered that specifying configuration with a JVMRoute path longer than 80 characters will cause segmentation fault leading to a server crash...
mod_cluster: JavaScript code injection is possible via MCMP mod_manager messages
A flaw was found in the way the modcluster manager processed certain MCMP messages. An attacker with access to the network from which MCMP messages are allowed to be sent could use this flaw to execute arbitrary JavaScript code in the modcluster manager web interface...
mod_cluster: JavaScript code injection is possible via MCMP mod_manager messages
A flaw was found in the way the modcluster manager processed certain MCMP messages. An attacker with access to the network from which MCMP messages are allowed to be sent could use this flaw to execute arbitrary JavaScript code in the modcluster manager web interface...
mod_cluster: JavaScript code injection is possible via MCMP mod_manager messages
A flaw was found in the way the modcluster manager processed certain MCMP messages. An attacker with access to the network from which MCMP messages are allowed to be sent could use this flaw to execute arbitrary JavaScript code in the modcluster manager web interface...
mod_cluster: JavaScript code injection is possible via MCMP mod_manager messages
A flaw was found in the way the modcluster manager processed certain MCMP messages. An attacker with access to the network from which MCMP messages are allowed to be sent could use this flaw to execute arbitrary JavaScript code in the modcluster manager web interface...
mod_cluster: JavaScript code injection is possible via MCMP mod_manager messages
A flaw was found in the way the modcluster manager processed certain MCMP messages. An attacker with access to the network from which MCMP messages are allowed to be sent could use this flaw to execute arbitrary JavaScript code in the modcluster manager web interface...