MAL-2025-192817 Malicious code in jz-native-js-bridge (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f5be9f16b75f7bf0ca5477443252a99142fcc146e923a7f77862df124ad6ac5 The package jz-native-js-bridge was found to contain malicious code...

CVE-2020-6830

For native-to-JS bridging, the app requires a unique token to be passed that ensures non-app code can't call the bridging functions. That token was being used for JS-to-native also, but it isn't needed in this case, and its usage was also leaking this token. This vulnerability affects Firefox for...