1150 matches found
@arve.knudsen/bankai (>=9.6.0 <=9.10.14), @citation-js/browserify-disc (=1.3.4) +64 more potentially affected by CVE-2020-36632 via flat (>=0.2.0 <=1.6.0)
flat NPM version =0.2.0, =9.6.0, =2.6.0, =1.0.0, =1.0.0, =0.0.1, =0.0.1, =0.0.10, =1.0.0, =7.3.0, =9.10.4, =0.0.1, =0.0.2 and more Source cves: CVE-2020-36632 Source advisory: OSV:GHSA-2J2X-2GPW-G8FM...
3id-test-helper (>=1.0.0 <=1.0.4), @0xvaibhav/--core (>=1.0.0 <=1.0.4) +226 more potentially affected by CVE-2022-23487 via libp2p (>=0.27.4 <=0.37.3)
libp2p NPM version =0.27.4, =1.0.0, =1.0.0, =0.0.1, =0.9.139, =0.0.2, =0.0.1, =1.0.0, =1.9.40, =1.0.0-rc.3, =0.1.2-beta.2, =0.1.2-beta.2, =0.1.2-beta.2, =0.3.2, =0.5.2, =0.5.3 and more Source cves: CVE-2022-23487 Source advisory: OSV:GHSA-F44Q-634C-JVWV...
08cms (=1.0.0), 0uth (>=1.0.5 <=1.2.1) +13074 more potentially affected by CVE-2022-39353 via xmldom (>=0.1.11 <=0.6.0)
xmldom NPM version =0.1.11, =1.0.5, =1.0.0, =1.0.0, =1.7.3, =0.1.0, =0.0.2, =0.0.1, =1.0.2, =1.0.3, =1.0.23, =1.0.1, =1.3.1 and more Source cves: CVE-2022-39353 Source advisory: OSV:GHSA-CRH6-FP67-6883...
@trycar-packages-org/tc-entities-production (=1.0.93), otp-generator-strapi (>=1.0.0 <=1.0.1) +12 more potentially affected by CVE-2021-23451 via otp-generator (>=1.1.0 <=2.0.1)
otp-generator NPM version =1.1.0, =1.0.0, =1.0.4, =1.0.1, =1.0.1, =1.0.80, =0.0.1, =1.2.0, =1.0.1, =1.0.5 Source cves: CVE-2021-23451 Source advisory: OSV:GHSA-6X93-H9G3-9PHR...
0xsodium (>=0.2.0 <=0.14.0), 1password-config (=0.0.1) +11960 more potentially affected by CVE-2022-31150 via undici (>=0.3.3 <=5.7.0)
undici NPM version =0.3.3, =0.2.0, =1.0.0, =0.2.0, =0.4.0, =0.1.0, =0.0.1, =1.0.21, =1.0.1, =2.1.0, =2.1.0, =2.1.1 and more Source cves: CVE-2022-31150 Source advisory: OSV:GHSA-3CVR-822R-RQCC...
@draadnl/openstad-cms (>=0.12.2 <=0.12.3), @ngodn/apostrophe (>=2.94.2 <=2.94.7) +38 more potentially affected by CVE-2022-21231 via deep-get-set (>=0.1.1 <=1.1.1)
deep-get-set NPM version =0.1.1, =0.12.2, =2.94.2, =1.3.0, =0.0.1, =0.5.235, =2.94.1, =0.5.0, =0.5.0, =1.0.0, =0.0.1, =0.0.1, =0.0.1, =2.93.0, =2.93.2 and more Source cves: CVE-2022-21231 Source advisory: OSV:GHSA-MJJJ-6P43-VHHV...
Malicious Package
Overview kntl-digital3 is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...
Malicious code in new-npm-packages (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 65b2fd34a019f9d89883600a55b8b91648b8807475b80c031803d6c3382191b5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
4q (>=0.5.0 <=0.6.0), @aibulat/fs (>=0.0.2 <=0.0.7) +100 more potentially affected by CVE-2022-21211 via posix (>=0.0.10 <=4.2.0)
posix NPM version =0.0.10, =0.5.0, =0.0.2, =0.0.1, =1.0.11, =1.0.0, =1.0.0, =1.0.0, =0.1.3-beta.0, =1.161.831, =0.0.0, =0.2.14, =1.13.0, =0.1.6, =1.1.7, =2.4.1 and more Source cves: CVE-2022-21211 Source advisory: OSV:GHSA-27MX-GCHC-6XJP...
@angie061099/md-links (=0.2.0), @boillodmanuel/markdown-link-check (>=4.0.1 <=4.7.0) +75 more potentially affected by CVE-2021-43308 via markdown-link-extractor (>=1.3.1 <=2.0.1)
markdown-link-extractor NPM version =1.3.1, =4.0.1, =0.0.2, =1.0.30001255, =1.0.0, =1.0.0, =0.0.33, =0.0.0, =0.1.11, =0.0.3, =0.1.0, =0.1.0, =1.1.0, =1.0.0, =1.1.0 and more Source cves: CVE-2021-43308 Source advisory: OSV:GHSA-MMH6-M7V9-5956...
@bolstergroup/botstr.io-set-times (>=0.0.1 <=0.0.7), @bolstergroup/botstr.io-spotify (>=0.0.18 <=0.0.43) +42 more potentially affected by CVE-2022-25759 via convert-svg-core (>=0.3.3 <=0.5.0)
convert-svg-core NPM version =0.3.3, =0.0.1, =0.0.18, =1.0.44, =0.1.0, =0.0.1, =0.1.6, =1.0.0, =0.0.1, =1.0.2, =0.3.0, =0.3.0, =1.0.3, =1.2.1 and more Source cves: CVE-2022-25759 Source advisory: SNYK:JS-CONVERTSVGCORE-2849633...
46c-sector (>=1.0.0 <=1.2.1), @aatishgh/antora_site_generator_lunr_custom (>=0.4.0 <=0.4.3) +430 more potentially affected by CVE-2022-21190 via convict (>=0.0.6 <=6.2.2)
convict NPM version =0.0.6, =1.0.0, =0.4.0, =0.0.1, =0.0.2, =1.0.0, =1.0.0, =1.0.0, =2.2.0, =0.0.1, =1.0.0, =0.0.1, =2.1.0, =2.0.0, =3.0.2 and more Source cves: CVE-2022-21190 Source advisory: OSV:GHSA-JJF5-WX3J-3FV7...
0726react (=0.1.1), 0x0range-homebridge-homeassistant (>=1.0.0 <=1.0.1) +8947 more potentially affected by CVE-2022-1650 via eventsource (>=0.0.10 <=1.1.0)
eventsource NPM version =0.0.10, =1.0.0, =1.0.4, =1.0.0, =0.0.1, =0.1.0, =1.4.0, =1.0.3, =1.0.4, =3.0.2, =5.0.1-0 and more Source cves: CVE-2022-1650 Source advisory: OSV:GHSA-6H5X-7C5M-7CR7...
@3-shake/3design-ui (>=1.7.3 <=2.1.7), @aider/ui (>=0.0.1 <=0.9.0) +301 more potentially affected by CVE-2022-25645 via dset (>=1.0.1 <=3.1.1)
dset NPM version =1.0.1, =1.7.3, =0.0.1, =0.0.1, =1.0.0, =1.0.0, =0.14.1, =2.8.2, =2.4.0, =2.4.0, =3.0.0, =1.0.0, =3.1.0 and more Source cves: CVE-2022-25645 Source advisory: OSV:GHSA-23WX-CGXQ-VPWX...
3nit-utils (>=0.30.0 <=1.0.2), 6ix (=0.0.0-canary.0) +1011 more potentially affected by CVE-2022-25858 via terser (>=4.0.0 <=4.8.0)
terser NPM version =4.0.0, =0.30.0, =0.0.0-canary.0, =0.0.1, =1.0.0, =1.0.0, =0.0.2, =0.0.2, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.10 - @agilejs/cli =1.0.0 and more Source cves: CVE-2022-25858 Source advisory: SNYK:JS-TERSER-2806366...
@0xcert/ethereum-bitski-backend-provider (>=2.0.0 <=2.0.3), @0xcert/ethereum-bitski-frontend-provider (>=2.0.0 <=2.0.3) +855 more potentially affected by CVE-2021-43138 via async (>=3.0.0 <=3.2.1)
async NPM version =3.0.0, =2.0.0, =2.0.0, =4.3.0, =0.0.6-1, =3.6.5, =0.0.73, =1.5.1, =1.7.58, =0.0.1, =1.3.6, =13.0.6, =5.1.1, =1.3.1, =0.0.2, =0.4.0-next.28 - @ahm-monash/private-test =1.0.0 and more Source cves: CVE-2021-43138 Source advisory: OSV:GHSA-FWR7-V2MV-HH25...
-llscw-react-cli (>=1.0.0 <=1.1.0-beta2), 002-node-cli (=1.0.0) +13412 more potentially affected by CVE-2022-25900 via git-clone (>=0.0.2 <=0.2.0)
git-clone NPM version =0.0.2, =1.0.0, =0.0.1, =1.0.0, =1.0.11 and more Source cves: CVE-2022-25900 Source advisory: SNYK:JS-GITCLONE-2434308...
0.8.18-p11 (=0.8.18-p12), 0.extends.wechat (>=1.0.51 <=1.0.65) +10270 more potentially affected by CVE-2021-44906 via minimist (>=1.0.0 <=1.2.5)
minimist NPM version =1.0.0, =1.0.51, =2.3.0, =0.0.1, =1.0.0, =1.0.0, =0.0.2, =0.3.0, =0.1.0, =1.0.0, =1.0.1, =1.0.0, =1.0.0, =1.0.6 and more Source cves: CVE-2021-44906 Source advisory: OSV:GHSA-XVCH-5GV4-984H...
01-numacert (>=1.0.0 <=3.0.0), 06-tekbooks (=0.1.0) +46708 more potentially affected by CVE-2021-44906 via minimist (>=0.0.10 <=0.2.1)
minimist NPM version =0.0.10, =1.0.0, =0.3.0, =0.0.15, =1.0.4, =1.0.0, =1.0.0, =1.0.1 - 20190403-utils =1.0.0 - 20231122-npm =1.0.0 and more Source cves: CVE-2021-44906 Source advisory: OSV:GHSA-XVCH-5GV4-984H...
01_basic_webpack (>=1.0.0 <=1.0.8), 0726react (=0.1.1) +12885 more potentially affected by CVE-2022-24723 via urijs (>=1.16.1 <=1.19.8)
urijs NPM version =1.16.1, =1.0.0, =1.0.9, =0.0.1, =0.0.1-beta.0, =1.0.0, =1.0.4, =1.0.1, =0.0.1, =0.1.1, =0.1.0, =0.0.1, =0.0.3 and more Source cves: CVE-2022-24723 Source advisory: OSV:GHSA-GMV4-R438-P67F...