3 matches found
Malicious code in nitro-contracts (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fcfdc095311c01986f57ec3730d8e3600f3c83ffb5fc23c500a51eed38ea048d Any computer that has this package installed or running should be considered...
MAL-2025-5233 Malicious code in nitro-contracts (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fcfdc095311c01986f57ec3730d8e3600f3c83ffb5fc23c500a51eed38ea048d Any computer that has this package installed or running should be considered...
@abacus-network/helloworld (>=0.2.1-alpha <=0.2.1-beta2), @alt-research/orbit-sdk-avail (>=0.9.1 <=0.9.11) +108 more potentially affected by CVE-2022-35961 via @openzeppelin/contracts-upgradeable (>=4.2.0 <=4.7.0)
@openzeppelin/contracts-upgradeable NPM version =4.2.0, =0.2.1-alpha, =0.9.1, =0.19.0-beta.0, =0.1.0-alpha, =0.24.2, =1.0.0, =0.6.0, =1.1.4-migration-beta.0, =1.0.0-beta.0, =1.0.0-upstream-0.19.0, =1.4.0, =1.5.0-beta.0 and more Source cves: CVE-2022-35961 Source advisory: OSV:GHSA-4H98-2769-GH6H...