21 matches found
Malicious code in @nativescript-community/sentry (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ac70fd6ee04f2650c317de593d4341b084f7a1564e4bf36fed85c72971ce9878 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @nativescript-community/ui-material-core-tabs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8e43f7ab3687acb4775d0c018af848b2f959bafdfaa3556f42b4c67778254450 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-47158 Malicious code in @nativescript-community/ui-material-core-tabs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8e43f7ab3687acb4775d0c018af848b2f959bafdfaa3556f42b4c67778254450 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-47161 Malicious code in @nativescript-community/ui-pulltorefresh (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 650cf81e4420b496c9854a80da4f8ba77516648b74a4b352e7099c04ecc4f026 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-47152 Malicious code in @nativescript-community/typeorm (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6f52d32f97f0c022f47383943d101a89ef5465d96aece46233bc2005a4c14d6a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-47157 Malicious code in @nativescript-community/ui-material-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fe208e03b1176bddeb8912705cd3294928ff3009cc5c7e98d9495dfd695feea8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @nativescript-community/ui-material-tabs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4102ccea0c14992d0974fb6022f1fff84012fc5ccb94c235452a1abc75a6f90c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-47159 Malicious code in @nativescript-community/ui-material-tabs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4102ccea0c14992d0974fb6022f1fff84012fc5ccb94c235452a1abc75a6f90c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @nativescript-community/arraybuffers (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dbd4477b4250e2af1b9a5fdcd76d234900437c12290d3cc79ec173d8f0fbc862 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @nativescript-community/text (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 70e308e7da4975ddec5cf39601e96232abc461d9544cc82745a13e8efd7b4200 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-47148 Malicious code in @nativescript-community/perms (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bc3fd96213519273f7b1eb5a8c0fd5d3b40c41fccda225d8d442dc2d3f44b882 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...
@censujiang/nativescript-local-notifications (=6.4.0), @nativescript-community/audio (=6.4.14) +4 more potentially affected by unknown CVE via @nativescript-community/perms (>=3.0.11 <=3.0.3)
@nativescript-community/perms NPM version =3.0.11, =3.1.20, =7.0.0, =1.0.4, =0.0.1, =0.1.0 Source cves: unknown CVE Source advisory: SNYK:JS-NATIVESCRIPTCOMMUNITYPERMS-12704723...
Embedded Malicious Code
Overview @nativescript-community/sentry is a cross-platform application monitoring tool, with a focus on error reporting Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...