MAL-2025-191074 Malicious code in better-queue-nedb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cba95c3245aa2713491b03e3bef1aaa75a05ffe517f1bf8625040fd0c465989c The package better-queue-nedb was found to contain malicious code. Source: ghsa-malware...

Malicious code in better-queue-nedb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cba95c3245aa2713491b03e3bef1aaa75a05ffe517f1bf8625040fd0c465989c The package better-queue-nedb was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-199165

Malicious code in better-queue-nedb npm...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

EUVD-2021-1246

Malware in sbrugna...

GHSA-339J-HQGX-QRRX Prototype Pollution in nedb

This affects all versions of package nedb. The library could be tricked into adding or modifying properties of Object.prototype using a proto or constructor.prototype payload...

Prototype Pollution in nedb

This affects all versions of package nedb. The library could be tricked into adding or modifying properties of Object.prototype using a proto or constructor.prototype payload...

88slot-ap (=1.0.0), @_koi/port (>=0.1.7-alpha <=0.1.12-alpha) +1462 more potentially affected by CVE-2021-23395 via nedb (>=0.0.5 <=1.8.0)

nedb NPM version =0.0.5, =0.1.7-alpha, =2.2.0, =0.2.2, =0.2.2, =0.4.9, =0.8.8, =1.1.12, =0.7.1, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.2-alpha.23 and more Source cves: CVE-2021-23395 Source advisory: OSV:GHSA-339J-HQGX-QRRX...

Prototype Pollution

nedb is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as proto, constructor and prototype...

CVE-2021-23395

This affects all versions of package nedb. The library could be tricked into adding or modifying properties of Object.prototype using a proto or constructor.prototype payload...

CVE-2021-23395 Prototype Pollution

This affects all versions of package nedb. The library could be tricked into adding or modifying properties of Object.prototype using a proto or constructor.prototype payload...

CVE-2021-23395

CVE-2021-23395 affects all versions of the Nedb package and describes a prototype pollution vulnerability. The issue allows an attacker to add or modify properties on Object.prototype via proto or constructor.prototype payloads, enabling potential DoS or remote code execution paths depending on t...

CVE-2021-23395

This affects all versions of package nedb. The library could be tricked into adding or modifying properties of Object.prototype using a proto or constructor.prototype payload...

Prototype Pollution

Overview nedb is an embedded persistent or in memory database for Node.js, nw.js, Electron and browsers, 100% JavaScript, no binary dependency. Affected versions of this package are vulnerable to Prototype Pollution. The library could be tricked into adding or modifying properties of...

88slot-ap (=1.0.0), @_koi/port (>=0.1.7-alpha <=0.1.12-alpha) +1462 more potentially affected by CVE-2021-23395 via nedb (>=0.0.5 <=1.8.0)

nedb NPM version =0.0.5, =0.1.7-alpha, =2.2.0, =0.2.2, =0.2.2, =0.4.9, =0.8.8, =1.1.12, =0.7.1, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.2-alpha.23 and more Source cves: CVE-2021-23395 Source advisory: SNYK:JS-NEDB-1305279...

PT-2021-15488 · Nedb · Nedb

Name of the Vulnerable Software and Affected Versions: nedb versions all Description: The library could be tricked into adding or modifying properties of Object.prototype using a proto or constructor.prototype payload. This issue affects all versions of the package. Recommendations: For all...

Nedb 安全漏洞

Nedb is an embedded persistent or in-memory database for Node.js, nw.js, electronics and browsers, 100% JavaScript, no binary dependencies. A security vulnerability exists in Nedb, which stems from variables in Object.prototype that can be added or modified via proto or constructor.prototype load...

@abtnode/mongoose-nedb (=1.0.16), @alma/widgets (>=4.0.0 <=4.3.7) +271 more potentially affected by CVE-2018-13863 via bson (>=0.5.2 <=1.0.4)

bson NPM version =0.5.2, =4.0.0, =0.2.4, =0.2.4, =0.0.0, =0.4.1, =0.3.0, =0.2.0, =0.3.0, =0.3.0, =0.2.0, =0.0.1, =1.6.3-ml, =0.3.0, =0.0.1, =0.0.3 and more Source cves: CVE-2018-13863 Source advisory: OSV:GHSA-8462-Q7X7-G2X4...